{"report_id":"4b017dc7-de4c-43cd-aa86-9053b2fe2fed","version":6,"status":"done","tags":[],"date":"2025-09-07T06:50:13Z","url":{"schema":"http","addr":"daddylivestream.fun/s-024/D982.php","fqdn":"daddylivestream.fun","domain":"daddylivestream.fun","tld":"fun"},"ip":{"addr":"172.67.137.55","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"daddylivestream.fun/s-024/D982.php","fqdn":"daddylivestream.fun","domain":"daddylivestream.fun","tld":"fun"},"title":"daddylivestream.fun/s-024/D982.php"},"submit":{"url":{"schema":"http","addr":"daddylivestream.fun/s-024/D982.php","fqdn":"daddylivestream.fun","domain":"daddylivestream.fun","tld":"fun"},"ip":{"addr":"172.67.137.55","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-12T06:50:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"cb.vleigearman.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"incompetencesorting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"bt2pt.com","ip":{"addr":"139.45.197.116","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2014-03-09","domain_rank":58095,"first_seen":"2025-04-26T04:08:58.755816Z","last_seen":"2025-09-01T18:45:30.858989Z","alert_count":0,"request_count":2,"received_data":1666,"sent_data":1202,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"oyo4d.com","ip":{"addr":"139.45.197.118","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2019-03-26","domain_rank":201644,"first_seen":"2025-06-02T17:08:26.404235Z","last_seen":"2025-09-05T07:39:12.80295Z","alert_count":0,"request_count":2,"received_data":1644,"sent_data":1210,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-09-03T05:15:01.027628Z","alert_count":2,"request_count":2,"received_data":754,"sent_data":843,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"kzt2afc1rp52.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2020-04-27","domain_rank":1699334,"first_seen":"2020-04-27T04:28:17Z","last_seen":"2025-08-31T19:37:32.764019Z","alert_count":0,"request_count":1,"received_data":111008,"sent_data":452,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"jxoxkplay.xyz","ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-13","domain_rank":3757661,"first_seen":"2025-08-01T19:58:39.592871Z","last_seen":"2025-09-06T16:11:25.684029Z","alert_count":0,"request_count":3,"received_data":129002,"sent_data":1461,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"daddylivestream.fun","ip":{"addr":"104.21.94.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-15","domain_rank":0,"first_seen":"2025-08-24T12:44:56.289779Z","last_seen":"2025-08-24T12:44:56.28978Z","alert_count":0,"request_count":3,"received_data":32874,"sent_data":1486,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"usrpubtrk.com","ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-16","domain_rank":6824,"first_seen":"2025-06-17T13:34:00.105327Z","last_seen":"2025-09-03T03:17:34.169187Z","alert_count":0,"request_count":2,"received_data":1040,"sent_data":993,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-09-02T21:58:08.747598Z","alert_count":0,"request_count":2,"received_data":171926,"sent_data":833,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-09-04T01:09:44.182659Z","alert_count":2,"request_count":2,"received_data":6446,"sent_data":961,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-09-05T07:26:15.046614Z","alert_count":0,"request_count":1,"received_data":65088,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"incompetencesorting.com","ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-03-26","domain_rank":933345,"first_seen":"2025-04-08T16:08:22.654544Z","last_seen":"2025-08-31T18:23:27.728476Z","alert_count":2,"request_count":2,"received_data":149417,"sent_data":918,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"acscdn.com","ip":{"addr":"104.18.16.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-05-05","domain_rank":18769,"first_seen":"2020-05-06T08:07:13Z","last_seen":"2025-09-06T05:27:33.957332Z","alert_count":0,"request_count":2,"received_data":245418,"sent_data":835,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"madurird.com","ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-10-06","domain_rank":7966,"first_seen":"2023-10-07T10:39:52Z","last_seen":"2025-08-31T11:15:20.274304Z","alert_count":0,"request_count":3,"received_data":332068,"sent_data":1238,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"t.dtscout.com","ip":{"addr":"172.67.70.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2013-11-01","domain_rank":54823,"first_seen":"2017-01-30T04:52:42Z","last_seen":"2025-09-06T09:31:27.217291Z","alert_count":0,"request_count":1,"received_data":2804,"sent_data":513,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-09-02T21:55:29.156182Z","alert_count":0,"request_count":1,"received_data":496,"sent_data":770,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"18.159.241.11","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-09-05T14:56:19.912818Z","alert_count":0,"request_count":3,"received_data":1159,"sent_data":1439,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-09-03T16:13:25.30858Z","alert_count":0,"request_count":1,"received_data":90137,"sent_data":421,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"waust.at","ip":{"addr":"104.26.5.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":36042,"first_seen":"2016-01-28T18:24:33Z","last_seen":"2025-09-06T18:47:44.251336Z","alert_count":0,"request_count":1,"received_data":12861,"sent_data":399,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-09-04T19:47:25.0413Z","alert_count":0,"request_count":3,"received_data":2569,"sent_data":1411,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"worldsportz4u.shop","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-11-21","domain_rank":5223229,"first_seen":"2024-12-01T14:41:32.779738Z","last_seen":"2025-08-23T19:24:21.380099Z","alert_count":0,"request_count":2,"received_data":308595,"sent_data":995,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"adexchangeclear.com","ip":{"addr":"104.21.78.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-27","domain_rank":24943,"first_seen":"2025-07-16T08:40:02.47428Z","last_seen":"2025-09-03T16:51:25.407722Z","alert_count":0,"request_count":3,"received_data":5555,"sent_data":2299,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-09-03T15:27:27.695589Z","alert_count":0,"request_count":2,"received_data":544312,"sent_data":891,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"al5sm.com","ip":{"addr":"172.67.218.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-03-16","domain_rank":258018,"first_seen":"2025-05-15T06:18:19.189688Z","last_seen":"2025-09-04T05:47:31.04417Z","alert_count":0,"request_count":2,"received_data":221718,"sent_data":822,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"wayfarerorthodox.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-08-08T11:06:50.216151Z","last_seen":"2025-09-05T14:16:27.951282Z","alert_count":5,"request_count":5,"received_data":20735,"sent_data":7202,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cb.vleigearman.com","ip":{"addr":"23.109.170.255","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-10-25","domain_rank":0,"first_seen":"2024-10-25T08:02:19Z","last_seen":"2025-08-31T21:37:14.04812Z","alert_count":1,"request_count":1,"received_data":1453,"sent_data":432,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"upload.wikimedia.org","ip":{"addr":"185.15.59.240","port":443,"asn":14907,"as":"WIKIMEDIA","country":"United States","country_code":"US"},"domain_registered":"2003-03-16","domain_rank":4329,"first_seen":"2012-05-21T09:39:45Z","last_seen":"2025-09-04T15:52:29.832842Z","alert_count":0,"request_count":1,"received_data":1787,"sent_data":467,"comment":"","tags":null,"fingerprints":[{"name":"Apache Traffic Server:9.2.11","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4692d44b1860b33e430a87c56b6cdc22","sha1":"ab49192fc1912cab78a1b6cfe12e00afafca8100","sha256":"c7c3cddd2d4c88819bed5b3ce8964a258534be4a2ad17cba9587424a7a10cc42","sha512":"3505c267c6c73d7542c7eba477cdede26e08cda2a63e960409c7e8ac15da7e898887429e4e1cdf1443de7285da1ff80c7964e1f636221a07e83d63ed49ed17f5","ssdeep":"","tlshash":"2811ab087050f486125f20b5823b450ba1a3c87f624878d0abadc8faaf7449e1c53f6d","size":1000,"data":"","first_seen":"2025-04-08T02:16:43.330327Z","last_seen":"2026-04-04T12:17:30.494259Z","times_seen":416,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylivestream.fun/s-024/D982.php","fqdn":"daddylivestream.fun","domain":"daddylivestream.fun","tld":"fun"},"ip":{"addr":"104.21.94.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1d9deae7701d497d574970d06a989c5d","sha1":"f38050e130fcc42b1dde879a07822603ba98e148","sha256":"d9f439547db14f70b0db0ba8136c8829050a6b2f2bb69f6de76cd410faefa67d","sha512":"2d567be43bbfb3e0d3fac89d61dc556c4e235ad41c38d0889c5af3de479fa2930f1a2621c82f4c8672729d62152c12a79acc9e32c4314288be671cb2fb674e40","ssdeep":"","tlshash":"1cc02bdc8501ff544033cc090c2df140c2208d523548401731e2143493448524c4239c","size":139,"data":"","first_seen":"2025-08-24T12:45:00.635129Z","last_seen":"2025-09-08T22:45:45.05367Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylivestream.fun/s-024/D982.php","fqdn":"daddylivestream.fun","domain":"daddylivestream.fun","tld":"fun"},"ip":{"addr":"104.21.94.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7ddb956f4b574e1a97aaa28aa70426dc","sha1":"b47a5b044abbd1843101375346a101532b5356cb","sha256":"065ecd4b458ba509c95f79b17e1271e9cf8309ccea3281472c08c567a5c942b6","sha512":"58c83b1501bf32f42f8f44f85406c7ce158f76d5d7898fab11df455f859afb2db264cea7f2d86b6494a46f46ddb549b63f51943d9aca1d8c94a1944a6760c910","ssdeep":"","tlshash":"f190026a15e5c4151a72241c4d1d8d795059050bc804a5c93a8c81b88b190945016606","size":56,"data":"","first_seen":"2025-08-17T23:17:26.694244Z","last_seen":"2025-09-07T06:50:18.433472Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/tag.min.js","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a297f091be61b78a52cfd5e6a10e7ec1","sha1":"7e9581b661e81b2b731ad367c6290b190f3a15be","sha256":"abe381edd3a8481d2e2768d07a0d930ea8dd9f726706a2a2fc34ec1ae048d2c9","sha512":"da3893965dc4d835961c3bb280e765619ed2c15b903ac163fc1ea1bf993315e862b7be0f1586dcb73612ef30446bdb72362041ca931acd80a31830b114c4bfc3","ssdeep":"1536:F6KpKfzIHKJYl2MGRCYmNZ2ClqIZPgAz0Sjf654+DIVV2P6O2e:IK5KJe2Gj2ncr0Sz6+3o6O2e","tlshash":"41b32aca226a241612bf80344457ed1db5aecd81048dcdb8e0e5b8762d78b16d3fbfd9","size":109670,"data":"","first_seen":"2025-09-04T13:29:38.94469Z","last_seen":"2025-09-08T05:20:26.030483Z","times_seen":127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldsportz4u.shop/online/stream-982.php","fqdn":"worldsportz4u.shop","domain":"worldsportz4u.shop","tld":"shop"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f6ca01bb0ca3ebde821544f18ec83583","sha1":"2e8cbf747f80c79ae8c12b8685556757e813b9db","sha256":"a1d2b03b3b1269adbdcbda20f64807bc730335783a9a90e9fbd743f898fb675c","sha512":"abe6913529a7c6d57112e1fd7e8705144a557783b8b7e957c00e9d2a1cb5b05c00411e04d1c84a5df1032558a0151b396099d0582dbc944944f6040dad241573","ssdeep":"","tlshash":"cbf05c2a98e707384cfa7a441034ca7534fc38a0a9a3d067625cc82ccd39fc54c14bec","size":467,"data":"","first_seen":"2023-03-09T01:35:27Z","last_seen":"2026-04-04T19:33:46.354597Z","times_seen":908,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"al5sm.com/tag.min.js","fqdn":"al5sm.com","domain":"al5sm.com","tld":"com"},"ip":{"addr":"172.67.218.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c5c814d199e63bb78cd152255d04c2fa","sha1":"c9ae4be788a8f36815c9043a1ef187d9e463fd21","sha256":"834a5917c5adafa0e4b7fd3ae6631f8f08d09eb046881b5fa2e1d4f57fa37a77","sha512":"c2219dd451267968d03c74a10460b4032a3d1a5a8a7e819a9cc1c6d8a019b0ba54bb2ad531fd8807bd3bc754aea033b95527663f71a03c9ed4f49067cb09dfa1","ssdeep":"1536:F6KpKfzIHKJYl2MGRCYgNZ2ClqIZPgAz0Sjf654+DIVV2P6O2e:IK5KJe2GF2ncr0Sz6+3o6O2e","tlshash":"f2b32aca226a241612bf80344457ed1db5aecd81048dcdb8e0e5b8762d78b16d3fbfd9","size":109670,"data":"","first_seen":"2025-09-04T22:22:15.10742Z","last_seen":"2025-09-07T20:22:42.614483Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"78a6702d966a64ed29eca96bfefed3de","sha1":"cc38ab49fb9cf0b5dfe3639378bd12af22ef1c0c","sha256":"00f32959faf141840611a9e3f434a6924cbcd843de990bb5df8ad037b9f8d095","sha512":"2b6c83fa444ad44b55fcced6f581d11b7a8e1e4339769b78b124e257de6526d0e1f7f2a974311d2a5e92633a22ff4846ee52276703d73de4dca305a5eba4be29","ssdeep":"","tlshash":"8d9002e65045d01019e61142772273497932159931451002821a4115301192fcb51594","size":52,"data":"","first_seen":"2024-07-11T01:38:35Z","last_seen":"2026-04-04T19:33:28.17349Z","times_seen":860,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-04T21:43:48.463031Z","times_seen":594432,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"334b2f72fd4d5ace16581045f0345f1f","sha1":"2eb75c6735ea784116926860636c74bef3be6744","sha256":"bf37041eaa6398fa4551ea62d0aa35aae4efe769d630391f341cbf8e811f0273","sha512":"2da673a6ac47e99e97e257e23d0da3763c191c12ad1ab5f2688070188a0cba5810d7455f7f258fdb0fac3a4ce8bc228724289cf77e93b819a3b4d65f750a1dcb","ssdeep":"","tlshash":"f1310aa967a4413c276cc075114f2b7b2893f524be8bd4854f192098a70d2e55e4e9ed","size":1564,"data":"","first_seen":"2025-09-07T06:50:18.435641Z","last_seen":"2025-09-07T06:50:18.435641Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldsportz4u.shop/online/stream-982.php","fqdn":"worldsportz4u.shop","domain":"worldsportz4u.shop","tld":"shop"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"df8189abd03961579b68abeb0ef1f439","sha1":"d3a2909890559a0aa23030ef328886f095eaa0a3","sha256":"8f579ea6b447f01f4843b8a68b92f6dbe983d9faaf1325349bf70c5006bf5de2","sha512":"0ee32a98a7f22087b067671abf4d99e50d2b6ef6200492964a39d9cfc99350111c549c3a4233109ecda028cc2f382167c9c65c5d6bcbafd478798e8aac59c420","ssdeep":"6144:N+rFR9B39FjG6Y3jeumFQg/BJojGQaA/TBEOBsBrufLnprM:N+RRr39FjZY3j7mFQg/LoXaA/TBEOBYN","tlshash":"a24429493252b2f63bd250d55c3ba546e2365059780dc428f6ecc8d2a9afdce6232f7c","size":268789,"data":"","first_seen":"2025-09-07T06:50:18.436657Z","last_seen":"2025-09-07T06:58:37.579045Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","size":5080,"data":"","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"a6425052f2adbb4bad3f5316ff508c2a","sha1":"78c9e066e5ca22305b1d11d87431acaf05ac0a02","sha256":"c41e1fa74b506190088698ea950166585d4a3454e3077baf53c9b686c237f81f","sha512":"c6af463508e7e4e8fa0d75a2ce2ccfb21ceb6b244f244abb2c498f148ff95587c30cee54efe6d127d186e983ebe2acfda0bfb8f3a35331ecd1947655a47cc06a","ssdeep":"","tlshash":"f550000030003c0000c0000f0c033000cc00000000300000c000000030300c0c000000","size":9,"data":"","first_seen":"2025-09-06T23:32:59.632142Z","last_seen":"2025-09-07T06:58:37.597139Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldsportz4u.shop/online/stream-982.php","fqdn":"worldsportz4u.shop","domain":"worldsportz4u.shop","tld":"shop"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"60f1798bac26472658ff588720760829","sha1":"9929b26eeb812be15261ac5aee076e468bf4764f","sha256":"acf1662d0ddc764da1a0a9ca8c14ce6d6a937aecef80b4b0e0426698a24b765d","sha512":"9d0a619d6ac5f0516ddca9675f3eb2f0f58b6f2277e3e5925fa3ef9609f51fd08ab1826a609edf62cc1eb9d5c6543e459c205ffab10ef6cd4973caf62803f07e","ssdeep":"","tlshash":"aac08ca60128d1aae0a94c05270242006cf5bc6fdb8fea060840c20fae27216c798698","size":157,"data":"","first_seen":"2023-03-11T19:15:55Z","last_seen":"2026-04-04T19:33:46.368784Z","times_seen":713,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"338baeef63ff72ca5845822683b77e07","sha1":"6539db9d6e88a78081b892c3ca7390b55a2fea41","sha256":"e9f0a675d1639d44a8fb2da1cbd598a61f507dc87c52997b5770afd5e9d754f0","sha512":"6b683d1babd62406ffa1adea434bda1de2e225d2c45da02bf6fa4f953b48e89af9bb3bb6ae4f351fd7184cda4b374eb793379abe38034739930cc4e9f8708e11","ssdeep":"","tlshash":"13c04c546f033e22b5717d4eef0b33c5d8e113876531660aa1a75450f58a5b71941584","size":145,"data":"","first_seen":"2025-08-24T12:45:00.629942Z","last_seen":"2025-09-08T22:45:45.05917Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"al5sm.com/tag.min.js","fqdn":"al5sm.com","domain":"al5sm.com","tld":"com"},"ip":{"addr":"172.67.218.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c5c814d199e63bb78cd152255d04c2fa","sha1":"c9ae4be788a8f36815c9043a1ef187d9e463fd21","sha256":"834a5917c5adafa0e4b7fd3ae6631f8f08d09eb046881b5fa2e1d4f57fa37a77","sha512":"c2219dd451267968d03c74a10460b4032a3d1a5a8a7e819a9cc1c6d8a019b0ba54bb2ad531fd8807bd3bc754aea033b95527663f71a03c9ed4f49067cb09dfa1","ssdeep":"1536:F6KpKfzIHKJYl2MGRCYgNZ2ClqIZPgAz0Sjf654+DIVV2P6O2e:IK5KJe2GF2ncr0Sz6+3o6O2e","tlshash":"f2b32aca226a241612bf80344457ed1db5aecd81048dcdb8e0e5b8762d78b16d3fbfd9","size":109670,"data":"","first_seen":"2025-09-04T22:22:15.10742Z","last_seen":"2025-09-07T20:22:42.614483Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldsportz4u.shop/online/stream-982.php","fqdn":"worldsportz4u.shop","domain":"worldsportz4u.shop","tld":"shop"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"5364d97de962b690e00af34392df438a","sha1":"696e39fc6b33c0ed959b2ed37e5ecb0b5426f757","sha256":"66390d1e39f017b48a1bbb48d1a883269c6c1d690ccc8c8b850adf06bdfa427d","sha512":"f10fcfc4ee9bd8844a4fa47ea635e52e39898536c3fe8745a1b90ebe7da9d1b42dc1367dd5fc31cdd2f46f582b67c00e8f7a95697461cf90cb80d3b58ea29ef6","ssdeep":"","tlshash":"395000003300000c0000c00303c0c00000000000000c00030000003c0c000300000000","size":9,"data":"","first_seen":"2025-07-26T16:19:45.914735Z","last_seen":"2025-12-23T01:04:01.022377Z","times_seen":63,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/aclib.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.16.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4a61f7fd980e63c940475731d6b2c09","sha1":"3d54ab589cf77d966d76313e41cb4543f03664c2","sha256":"2c90513e96889753b8c0aba761a15821342b4f9431073871c233dbdc50e8c71c","sha512":"b795dff08a71edb05d542c74d43cf836b55737298407fdf914db518d8489067f2c72a19a6a3791e3a30099a058f16788c99f88e3b4a4d09f18712ccc105500d1","ssdeep":"3072:G068+RhI8FvQeXO0AFQM4MmMnTQwvS1kK/P/h:B6phN1DFoSXXh","tlshash":"3ce3e849bad2b0f867e261e4942f9646e1371624740e98d5f6fac5d1a879ecf0033e3c","size":146805,"data":"","first_seen":"2025-09-02T17:05:36.787597Z","last_seen":"2025-09-11T06:46:03.245891Z","times_seen":209,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b50a7599a1cd871d2b379f9ef0b04aa4","sha1":"66783a5680bbf18a422b0ebf586f787abb91f56f","sha256":"94ba1e39aa22b534544bd907ddee33191396ded56a47cabf861e12ed65780385","sha512":"cb2dfa3c11be87aa80067ec44a034287bc817644e0e5c0bec92f0ec539919e362b7f1f14e9341a055cb68ab709bbfb41c1c082387d7b698b96b719ece4a2502a","ssdeep":"","tlshash":"2e90008c888f00e0ea2008002bac008038b022038222f0e0b00ef20c0f0838c280b0c2","size":45,"data":"","first_seen":"2024-07-20T17:31:12Z","last_seen":"2026-04-03T22:34:53.973345Z","times_seen":487,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"40f1575e65c3c68b862e7e910c816685","sha1":"7ee25cd4a7951ea15bca20ec33dbe4b822132812","sha256":"4d490e5ba23f3ffd9aea61d2bd7d22464c85ed6c4e784755723de7b238a4e06f","sha512":"53df2b61fbbc1cd69d9289dc8ae9484e198cffd12fe9d3581b57797627539d16fcd0561b9282c8d279ce28d936598e24d404cb41fdd0f4895b327c7b34e37cf8","ssdeep":"","tlshash":"357150f2ac83cc4132d1d55c5daede3b701868eb702184167e8dbfd49918eada03b06e","size":3584,"data":"","first_seen":"2025-09-07T02:04:43.155928Z","last_seen":"2025-09-11T19:42:15.668268Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"68b0a799daf30f190cb4274b60b615e5","sha1":"524e538e532df304d95801fbc4d1048919452d66","sha256":"8ae231d856bfff6ef52071fe4b426b76fb21a0d1eca17d4fca8cb853183bfbda","sha512":"fb069908b90f3953e4ad844531ba6e61c8cbea57a8caf11237ac2dd9e90511cdb5d1fe0e79c64d4e697c4a1ea17c9067d1193c4ca42a206cbbd8bb9c5cb64060","ssdeep":"","tlshash":"eb41fb7617eb376145deb5f9168b33d8295452062344b8deb43ec6905ba0cd1096acc0","size":2042,"data":"","first_seen":"2025-09-07T06:50:18.442343Z","last_seen":"2025-09-07T06:50:18.442343Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"49b2ba14031388d7fa3cfcda5fd5d41e","sha1":"2fd6433c45005a21f82b521433238b5102ddd946","sha256":"cf70a5c369011327908eb7340fce9a2c7d48457a5661bf48e414c020835cc435","sha512":"1624fb5078e8f9809defb7280e977dbdd2eed5f33abcd5c4ac9db17c0c867d7b1d1adb3fb5b03dfe85b37194724cef934558f164f0b7d764426c17827eede450","ssdeep":"","tlshash":"585000c0000000000000c000003c00cc0000000030000c000000000000000000000003","size":8,"data":"","first_seen":"2025-09-06T23:32:59.619338Z","last_seen":"2025-09-07T06:58:37.555323Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylivestream.fun/s-024/D982.php","fqdn":"daddylivestream.fun","domain":"daddylivestream.fun","tld":"fun"},"ip":{"addr":"104.21.94.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"fd6e1f967c2d5b1b11ff9fdbbd953cdf","sha1":"5ecaf1e94e3bad55f057117d4f146380d801829d","sha256":"0fc8450ea28c9f98971d0ef66042a437f233ca3c329f987e754502669d163f63","sha512":"b4c7de342fb6deb47c8aab8fa2a6168286aa73aa95b30dde9deac49a08be44d8c34f21a7b1afa4723bf941fadf581bb5ffe7e271fe377bdb86012b5e775ae368","ssdeep":"","tlshash":"d85000000c000c03000f0000000c00000000000000030c0c0f0000000030300030000c","size":10,"data":"","first_seen":"2025-08-17T23:17:26.706716Z","last_seen":"2025-09-07T06:50:18.444406Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldsportz4u.shop/online/stream-982.php","fqdn":"worldsportz4u.shop","domain":"worldsportz4u.shop","tld":"shop"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"bab8c7bd945fd1d0415fade45ae638e5","sha1":"90e67852cf74cd13e3bb9201031fe8df979df286","sha256":"e3e5b27062acab3fdcabb0b644aa08002ecfe6b734b1fd8282f0368dd0197905","sha512":"ae5e06f8ba6075215f2421f634b7775d36d4481059dbdf281de9cde1899eb804ad020eee1b97643afba7877a51a7ccb837956adcd0b2fdfb8f8825cc3cd460bd","ssdeep":"","tlshash":"30500000c0000c003030000c000300000030c0000300c000000000c33c000000003003","size":9,"data":"","first_seen":"2025-07-26T16:19:45.898642Z","last_seen":"2025-12-23T01:04:01.019182Z","times_seen":63,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldsportz4u.shop/online/stream-982.php","fqdn":"worldsportz4u.shop","domain":"worldsportz4u.shop","tld":"shop"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ff656e6bdffbea98da4df97ff7ae3d21","sha1":"f742e8d729409184fdaf152c2d2b670d6db7e9ec","sha256":"9e6e95d6fa2ce522e900a6eb22ef91ae4fa930a9e39e2ca913742d48d0484b68","sha512":"6d33c580d8b244ba6a4268947d576a1633f299fa43cc01e6f492e69b3245b277b9ead9597d20e953f5af78c8b9caa3c2fd80fc92a259de307b4461ccd71b63a0","ssdeep":"192:M4CrN2ip9brETbWI/Yum+RyXePI06HGwBJk4W1x:MjH9brETbP/Yum+RyXePI06mrX1x","tlshash":"2802c9bb7b49359061f10c7e625b7225753604baaa0f9512a262c8513c1cd0fc3afbee","size":8477,"data":"","first_seen":"2023-07-23T19:35:27Z","last_seen":"2026-04-04T19:33:46.37848Z","times_seen":648,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"incompetencesorting.com/6ae13b8edcf64696bf65510df705d5c5/invoke.js","fqdn":"incompetencesorting.com","domain":"incompetencesorting.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"d6150bac1e2bfac1e13712461333324b","sha1":"e2d034e77dc040889d3a9e4c8a5deafc76a04704","sha256":"3bb83a7d65006d4f65f8c4741f5d3f84337504e9589f52fc724d557fb76fc703","sha512":"15fd1a016723c32fda3fd951ca520849f7a6a87eae9a3bc003a70c5250660ccac970d64eb74df0778378e7af36b3e30938cbdcc4ea57de4266be1b6b46f563a8","ssdeep":"768:xBn6ccuBFYdYjHMjYZ6lRtsW8Yg1L/lUUYEFYLetqz:z6c7BF0Y6H98Y0L/qJEFYLetqz","tlshash":"e0f207883fc0b3d456ab2867337fd01ba1955d04a54cd098e927f4e82de876af727b60","size":37629,"data":"","first_seen":"2025-09-07T06:50:18.426636Z","last_seen":"2025-09-07T06:50:18.426636Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kzt2afc1rp52.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js","fqdn":"kzt2afc1rp52.com","domain":"kzt2afc1rp52.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8053a0a756a27365082b41d25db96248","sha1":"c9da73311f13e2d505cd54f193206a985d144883","sha256":"62a73a3847ad3abb0ee69e7c12115aeb08dcfac56692c134db742aa89e4a9692","sha512":"f4f13ed8d6b5024eb6d7a6043c92e6a8e8882026fb044882542510bb175bc9e5ad05fd58506e298b8af9a2bacb5dd5b9df6c610bc14be7aeed739a492c87d982","ssdeep":"1536:x8FO2Og6h8Z1zbcz7eg3Z+FhVO1TOCo8PkiYYo170BeEtlx1FMuI:TD8vCGVIl+RzEtle","tlshash":"8bb3b7887f80f56c115630b2232fa05af2e91e41a8ccd548f557fde92a2d377b439a78","size":110166,"data":"","first_seen":"2025-09-07T02:52:38.746123Z","last_seen":"2025-09-20T23:29:25.955185Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-04T21:39:43.146668Z","times_seen":203611,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldsportz4u.shop/online/stream-982.php","fqdn":"worldsportz4u.shop","domain":"worldsportz4u.shop","tld":"shop"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"625f1f37b159d16e4320aa769b1de8f8","sha1":"c091f6103c959f78987d38e7a839d7cfff5d4f68","sha256":"354e9e78f6fa4550c5d255b0f95623fe35833dfdd1cbb5fe362ac9fd1e2fa3d1","sha512":"57649712a888f7267f189b85ee1c3a811f31ab16e4bbd3c2764da8b14a07761fc97fe73d95f98bb9f9deefad59e467b39c11b4b6488d051f4c3ddf3b93a97b8e","ssdeep":"","tlshash":"efc080f554e59632545500cd30bbd6a57d7031147562b0c4c89fbc5c9a34fd30991c64","size":179,"data":"","first_seen":"2025-08-16T12:13:43.683169Z","last_seen":"2026-04-04T12:17:30.492999Z","times_seen":241,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldsportz4u.shop/online/stream-982.php","fqdn":"worldsportz4u.shop","domain":"worldsportz4u.shop","tld":"shop"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1214efbfd1f29de1000353b3182abb22","sha1":"7e2e4f239a018f56ca6d210c8cd124563a5cd374","sha256":"8931a4d7b926e3be6ff0286c5d8d7e9c1289198804e7a91f17fe98b6bd5fbeb3","sha512":"189e9c0efb1f44c0c8e1bd31544519be07c7d4d0ffbd2fa1bb5886bab557d0b64bf1000056f4fb12df467c139b5cfb23639c52fb0118bf23476b6262a57e6496","ssdeep":"384:+v0a/K7iYFRdYtnbE0Qen9tO69aI8tAUeNDaUGRQ2t4PpBahqoo+KXnS7YhfGMOY:+K72nvQ80GaIoQPzahq/AMOY","tlshash":"dac2d5a7321eb91a8719626150ef2ec5a2cc48c4718f1f78e724e53634d763485ebef8","size":27957,"data":"","first_seen":"2025-07-26T16:19:45.917412Z","last_seen":"2025-12-23T01:04:01.004848Z","times_seen":63,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"incompetencesorting.com/68/8b/fa/688bfa9126cbe6934301445222184ffd.js","fqdn":"incompetencesorting.com","domain":"incompetencesorting.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"e08088ded877492d71dfa50d35cc3a26","sha1":"82ecc964d793fb9fcc364085f229ad576bac5d0f","sha256":"3c6aef810d934181b9627c2c2ea2b5cfeccd6606b828dd83cd4b202620bda478","sha512":"ebc74a0931144478be6db154b0986b9ea1a17ba1a98dd40effd5277b0a4422246ca12855e32c13c51525615f560ab95e419b48a01c67cdde405f6c88f8428134","ssdeep":"1536:x8FO2Og6h8Z1zbcz7eg3Z+FhVO1TOCo8PkiYYo170BbEtla6xT3I:TD8vCGVIl+RQEtl0","tlshash":"3bb3b7887f80f56c115630b2232fa04af2e95e41a8ccd548f557fde92a2d377b439a78","size":110158,"data":"","first_seen":"2025-09-07T06:50:18.424596Z","last_seen":"2025-09-07T06:50:18.424596Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/suv5.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.16.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b1e8496f75078e3a1afbf0ef51374084","sha1":"1c352391d76c0a3aa8083c08451991d660d8bef8","sha256":"3b6e64453469fe2c735736e33f8e1519e7b38d46c1a4e696f8e8ea245836fd52","sha512":"67aba7acb82b6f45a1b6d056cfebb42edfde4a74f59813630295faa2d586eb8ddfec5ae24b13efeb46ebcf244bc7303e7d8fc2cc792cd27448b5277d4cc061fb","ssdeep":"1536:LOFHKIV5GuKbOPNXN6ibR+6ry6j/IYOHSD/u/NNU48WQGFW4gkzwi/OsWVhL/Tyw:LYqmzIOVg6W6jUHSDm/NWP4hzihp","tlshash":"1693c649bad2f0e86be365e4842f5646e1772a24740d98d5fab6c5c19839ecf4033e3c","size":96855,"data":"","first_seen":"2025-09-02T17:05:36.719751Z","last_seen":"2025-09-11T07:26:20.061453Z","times_seen":165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6115e742159b3ee4656a6439b5a6179c","sha1":"62f5ae62f58d086d1bf098ba8339a25823cb6f46","sha256":"d14042596d3dbc5a08fc18a4ac2d5e0b1cddd573b646ada980a5b6764ac1b6cc","sha512":"bcdb8380613603fc736924eadd7b1e0480799474e315b5cf0ce88751a27918d37261c44f02fa6705c968cc54869084180ea2c450b8e2141618bd023e68f92250","ssdeep":"384:+v0a/K7iYFRdYtGJ0Qen9tO69aI8tAUeNDaUGRQ2t4PpBahqoo+KXnS7YhfGMOIf:+K72GyQ80GaIoQPzahq/AMOY","tlshash":"1ec2d5a7321eb91a871a626150ef2e85a2cc48c4718f1f7ce724e53634d753485ebef8","size":27962,"data":"","first_seen":"2025-09-06T23:32:59.623612Z","last_seen":"2025-09-07T06:58:37.590687Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","size":5080,"data":"","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f4c56d4a97962c98aab81fc5dcc54ef6","sha1":"9bd3e49b43b6fe864a9aa6306e53e20dc08658f5","sha256":"994c09d30719515272d440192219822084293c7874c1bb3511ad5b8876a0b3f9","sha512":"e6e215baf60717b11d86cbfed3f0d765bc63d3d14d04efe80926c41a6d0161e0cd6eeed7d98fa87d7635c0efc73ec812ed72e895ae5e74a9d1824200d2736f60","ssdeep":"96:boznTlkl5NwPlhNNq42uK9mQ7h/BkKVdNk1/DACfMEDaH:szTrPlhNNqUKEQ1/5PNcbACkCaH","tlshash":"a0a12d656fe737341579b0bd126f73583c10a10b2709dc4ab91ee550af54ee00daedc8","size":4850,"data":"","first_seen":"2025-09-07T06:50:18.453036Z","last_seen":"2025-09-07T06:50:18.453036Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldsportz4u.shop/online/stream-982.php","fqdn":"worldsportz4u.shop","domain":"worldsportz4u.shop","tld":"shop"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"625f1f37b159d16e4320aa769b1de8f8","sha1":"c091f6103c959f78987d38e7a839d7cfff5d4f68","sha256":"354e9e78f6fa4550c5d255b0f95623fe35833dfdd1cbb5fe362ac9fd1e2fa3d1","sha512":"57649712a888f7267f189b85ee1c3a811f31ab16e4bbd3c2764da8b14a07761fc97fe73d95f98bb9f9deefad59e467b39c11b4b6488d051f4c3ddf3b93a97b8e","ssdeep":"","tlshash":"efc080f554e59632545500cd30bbd6a57d7031147562b0c4c89fbc5c9a34fd30991c64","size":179,"data":"","first_seen":"2025-08-16T12:13:43.683169Z","last_seen":"2026-04-04T12:17:30.492999Z","times_seen":241,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/disable-devtool@latest/disable-devtool.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"be2d0eed5eded93d8440b1dae0f30960","sha1":"36e7177a4932c42e56d3e3f7b0580e4c88df96d5","sha256":"8368de6b02128e66831895a77f280482d7ed841a61c42d2304966f12a4efd46d","sha512":"185f6d9ce439ce4ddf557c13303790f74031c221e1578c98aee9a8b10e5ee6cca66c207b04686510faa128ccf19ea5f3c71d3494157709f5a7e984079c6c1ad7","ssdeep":"","tlshash":"8b110209b920b49661ab53fe811f000fb33098b7d89d58e057244cf59ef10ad05d7f0d","size":1000,"data":"","first_seen":"2025-08-02T17:09:38.072547Z","last_seen":"2026-03-29T20:57:16.859315Z","times_seen":519,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylivestream.fun/s-024/D982.php","fqdn":"daddylivestream.fun","domain":"daddylivestream.fun","tld":"fun"},"ip":{"addr":"104.21.94.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ae3125d4c17ee505d73e5411480f4998","sha1":"e8fa968560899bf47bb561584b7ba4dddf83c4b9","sha256":"1caeacf6e76a8e906abf61cb57bb22005426832e35d25f4ac4bb89556c234b20","sha512":"684dc5b3dee8b8211580b239490356b2b8f5ae7a877100fcc2823c75a2bc8615a83afd2e4ef3865b20311820d22f179eaf530f2d7b6d542e0e7eb5c6dad81309","ssdeep":"384:+v0a/K7iYFRdYtrGTX0Qen9tO69aI8tAUeNDaUGRQ2t4PpBahqoo+KXnS7YhfGMV:+K72rGQQ80GaIoQPzahq/AMOY","tlshash":"39c2d4a7321eb91a8719626150ef2ec5a2cc48c4718f1b7ce724e53634d763485ebef8","size":27965,"data":"","first_seen":"2025-08-17T23:17:26.697343Z","last_seen":"2025-09-07T06:50:18.456099Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"javascriptURL","is_inline":false,"md5":"68934a3e9455fa72420237eb05902327","sha1":"7cb6efb98ba5972a9b5090dc2e517fe14d12cb04","sha256":"fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa","sha512":"719fa67eef49c4b2a2b83f0c62bddd88c106aaadb7e21ae057c8802b700e36f81fe3f144812d8b05d66dc663d908b25645e153262cf6d457aa34e684af9e328d","ssdeep":"","tlshash":"aa3000000000000c000000000000000000000000000000000000000030000000000000","size":5,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T21:47:21.808177Z","times_seen":66244,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"87c725e214683adf9b74663ff14946ab","sha1":"ccbe1b6c564d65ad51f1488627d8ea8d1e97e131","sha256":"93e773869f7f7e03ab47466b60c2b9113b1da6b969d5963c03678e5a4c0e0807","sha512":"1e58750aa931cbda42301559e3502f01877a49aa3dd6384fc9146e4ea9e24bc11fa94db7a17ddb522aa2b4ccdf51c65f21329abb1c5cd8edc69bc22fb90f980c","ssdeep":"","tlshash":"fe1121ad306572be1ba315e4a137974bf271117c605c04324b5dc8f5ac75caf8623ac8","size":1000,"data":"","first_seen":"2023-05-26T08:35:46Z","last_seen":"2026-04-04T19:33:28.22165Z","times_seen":5254,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5a774e3f3f50d990ee426b47a7a5e033","sha1":"9aa8984d60feb823b28791881bf02f3a0e9caf1c","sha256":"b869dcaa9146835641bfdf2eb8f89a7333dfb5b3e3acb61cf77f5bdc1488c281","sha512":"bc13482b39099c513154042ebb239bbd84fae0b144176f3a294fb46cf1734bcf7add238bc70c416bbc3332e8ef6a36236b3570f6c9c8ad65a1aef2b805f1356a","ssdeep":"","tlshash":"0ae026283db7e161012734eb2b3ec0526226c01dad24d78298feca989dd0ff00926dd0","size":332,"data":"","first_seen":"2025-04-16T10:55:46.992611Z","last_seen":"2026-04-04T19:33:28.175Z","times_seen":466,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylivestream.fun/s-024/D982.php","fqdn":"daddylivestream.fun","domain":"daddylivestream.fun","tld":"fun"},"ip":{"addr":"104.21.94.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"c3607741fe88be6f1375997514c9fe90","sha1":"457760e6e91e9389fa592722edacf57f0e3817e5","sha256":"c10b9d3129892581900751a9bc60d0870c9aafb27d1e9864aa84f0e2b6f047ba","sha512":"867a71a7c5c867a6814acbaeb39c5b836fe34a74ecb16f060044430d9ea326d54c57598df1e6d3330a4f6c1818362c7891630740785711adb6289b532c4200a0","ssdeep":"","tlshash":"6e500000cc3f03003000000003000000c300000fc0c00000c00030030000c0c0000000","size":10,"data":"","first_seen":"2025-08-17T23:17:26.700464Z","last_seen":"2025-09-07T06:50:18.459972Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/tag.min.js","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a297f091be61b78a52cfd5e6a10e7ec1","sha1":"7e9581b661e81b2b731ad367c6290b190f3a15be","sha256":"abe381edd3a8481d2e2768d07a0d930ea8dd9f726706a2a2fc34ec1ae048d2c9","sha512":"da3893965dc4d835961c3bb280e765619ed2c15b903ac163fc1ea1bf993315e862b7be0f1586dcb73612ef30446bdb72362041ca931acd80a31830b114c4bfc3","ssdeep":"1536:F6KpKfzIHKJYl2MGRCYmNZ2ClqIZPgAz0Sjf654+DIVV2P6O2e:IK5KJe2Gj2ncr0Sz6+3o6O2e","tlshash":"41b32aca226a241612bf80344457ed1db5aecd81048dcdb8e0e5b8762d78b16d3fbfd9","size":109670,"data":"","first_seen":"2025-09-04T13:29:38.94469Z","last_seen":"2025-09-08T05:20:26.030483Z","times_seen":127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cb.vleigearman.com/rVjkGPT6iMLH4RZ3/69521","fqdn":"cb.vleigearman.com","domain":"vleigearman.com","tld":"com"},"ip":{"addr":"23.109.170.255","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","size":5,"data":"","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-04T21:36:52.046697Z","times_seen":14823,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/tag.min.js","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a297f091be61b78a52cfd5e6a10e7ec1","sha1":"7e9581b661e81b2b731ad367c6290b190f3a15be","sha256":"abe381edd3a8481d2e2768d07a0d930ea8dd9f726706a2a2fc34ec1ae048d2c9","sha512":"da3893965dc4d835961c3bb280e765619ed2c15b903ac163fc1ea1bf993315e862b7be0f1586dcb73612ef30446bdb72362041ca931acd80a31830b114c4bfc3","ssdeep":"1536:F6KpKfzIHKJYl2MGRCYmNZ2ClqIZPgAz0Sjf654+DIVV2P6O2e:IK5KJe2Gj2ncr0Sz6+3o6O2e","tlshash":"41b32aca226a241612bf80344457ed1db5aecd81048dcdb8e0e5b8762d78b16d3fbfd9","size":109670,"data":"","first_seen":"2025-09-04T13:29:38.94469Z","last_seen":"2025-09-08T05:20:26.030483Z","times_seen":127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylivestream.fun/s-024/D982.php","fqdn":"daddylivestream.fun","domain":"daddylivestream.fun","tld":"fun"},"ip":{"addr":"104.21.94.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"62064b839a8bada9e425b5cce2956847","sha1":"e8331e2136279ad7a575a82f735f25ed3090fa91","sha256":"d4701f66be5197153ab92f50c5c2f99346cade5ab67cc25bd65a838a39e0a38c","sha512":"403964cc4fc4568172a5d9312778849f3d489d9885be5fc29fa7c88ab589945334d20a6e894dfc6f62777ecdc226826ff0929a3a32367c4402630ead2c86d28f","ssdeep":"","tlshash":"45e02b19a8e746384cf679485179ca7934f878a49ab3d02b615cc87dca39fd44c14eec","size":429,"data":"","first_seen":"2025-04-10T00:53:53.292485Z","last_seen":"2026-03-06T19:38:33.187713Z","times_seen":76,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"acscdn.com/script/suv5.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.16.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"acscdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 17:47:20 GMT","end":"Thu, 09 Oct 2025 18:47:00 GMT"},"fingerprint":{"sha1":"63:1A:7B:92:DA:D9:63:40:A3:A0:9C:C9:93:7F:79:CD:2E:FB:74:83","sha256":"04:1B:0B:F9:88:64:45:59:58:1C:79:60:92:A4:74:68:1A:B8:40:3B:07:FA:A9:FB:E9:BF:89:C1:A4:1A:23:0A"}}},"request":{"raw":"GET /script/suv5.js HTTP/1.1\r\nHost: acscdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:51 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\nx-guploader-uploadid: ABgVH89scoawT8UZOAO6v2lWd_tBlHbVsmLDBdM3EqfZy9VWXk-wZ-iAvEto6uDR04m9Segc5JLeSew\r\nx-goog-generation: 1756801828786740\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 96855\r\nx-goog-hash: crc32c=pLPKiQ==, md5=sehJb3UHjjoa+/DvUTdAhA==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccess-control-allow-origin: *\r\nexpires: Sun, 07 Sep 2025 07:49:51 GMT\r\ncache-control: public, max-age=3600\r\nlast-modified: Tue, 02 Sep 2025 08:30:28 GMT\r\netag: W/\"b1e8496f75078e3a1afbf0ef51374084\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 3129\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 97b444c24d487129-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":96855,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators","md5":"b1e8496f75078e3a1afbf0ef51374084","sha1":"1c352391d76c0a3aa8083c08451991d660d8bef8","sha256":"3b6e64453469fe2c735736e33f8e1519e7b38d46c1a4e696f8e8ea245836fd52","sha512":"67aba7acb82b6f45a1b6d056cfebb42edfde4a74f59813630295faa2d586eb8ddfec5ae24b13efeb46ebcf244bc7303e7d8fc2cc792cd27448b5277d4cc061fb","ssdeep":"1536:LOFHKIV5GuKbOPNXN6ibR+6ry6j/IYOHSD/u/NNU48WQGFW4gkzwi/OsWVhL/Tyw:LYqmzIOVg6W6jUHSDm/NWP4hzihp","tlshash":"1693c649bad2f0e86be365e4842f5646e1772a24740d98d5fab6c5c19839ecf4033e3c","first_seen":"2025-09-02T17:05:36.719751Z","last_seen":"2025-09-11T07:26:20.061453Z","times_seen":165,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":28,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylivestream.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:52 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://daddylivestream.fun\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=08023d4e2ded49c1e316316004f6f031; expires=Mon, 07 Sep 2026 06:49:51 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 97b444c3db730883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"216cdada1ab00ca3359a53cdcebcda1f","sha1":"c5767b85b32f748d7aafb1f28ac147e6f0a4120b","sha256":"7687795b979ecbe04647e369ff5bb39a3cbd64c7f140a9a246447a21caecb9db","sha512":"e5a13bb3406b217f2d38f44b00deb63d8df96ad878df8d1b4a043b9017ee56d0dfd43c84029d681f593717782c6f16eb2b73aecf4e719aaa6f5d76118725df5c","ssdeep":"","tlshash":"09a00290597d26c5c44066a55a8b8691404d51d1dc44729881f88402318b9cc49cba4c","first_seen":"2025-09-07T06:50:18.410775Z","last_seen":"2025-09-07T06:50:18.410775Z","times_seen":1,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":25,"dns":2,"connect":1,"send":0,"wait":36,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kzt2afc1rp52.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js","fqdn":"kzt2afc1rp52.com","domain":"kzt2afc1rp52.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:52.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kzt2afc1rp52.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Aug 2025 21:40:44 GMT","end":"Sun, 02 Nov 2025 21:40:43 GMT"},"fingerprint":{"sha1":"8D:15:7F:50:C2:8C:0E:96:C3:33:62:C0:BA:FA:92:B2:5C:A7:89:E5","sha256":"0E:E7:2E:62:BB:A3:E9:A9:02:BF:45:C3:11:A0:23:D3:A5:60:0C:22:DC:D0:64:90:33:90:35:F9:F9:E1:C1:7B"}}},"request":{"raw":"GET /dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js HTTP/1.1\r\nHost: kzt2afc1rp52.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 07 Sep 2025 06:49:52 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 39529\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: kzt2afc1rp52.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 041b8abaa3a327cf1af3b47684144017\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":110166,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8053a0a756a27365082b41d25db96248","sha1":"c9da73311f13e2d505cd54f193206a985d144883","sha256":"62a73a3847ad3abb0ee69e7c12115aeb08dcfac56692c134db742aa89e4a9692","sha512":"f4f13ed8d6b5024eb6d7a6043c92e6a8e8882026fb044882542510bb175bc9e5ad05fd58506e298b8af9a2bacb5dd5b9df6c610bc14be7aeed739a492c87d982","ssdeep":"1536:x8FO2Og6h8Z1zbcz7eg3Z+FhVO1TOCo8PkiYYo170BeEtlx1FMuI:TD8vCGVIl+RzEtle","tlshash":"8bb3b7887f80f56c115630b2232fa05af2e91e41a8ccd548f557fde92a2d377b439a78","first_seen":"2025-09-07T02:52:38.746123Z","last_seen":"2025-09-20T23:29:25.955185Z","times_seen":8,"resource_available":true,"data":null}},"time_used":850,"timings":{"blocked":331,"dns":54,"connect":91,"send":0,"wait":95,"receive":92,"ssl":185},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:52.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jxoxkplay.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 18:24:49 GMT","end":"Sun, 09 Nov 2025 19:21:25 GMT"},"fingerprint":{"sha1":"F9:C9:6D:AE:27:E4:51:15:EB:CE:17:8D:87:A8:7A:36:1C:46:F3:42","sha256":"90:CC:17:79:CA:44:5D:24:3F:E9:35:D2:27:2D:DE:C4:40:75:68:37:45:8C:A8:06:D7:48:D4:2D:1E:ED:0E:2E"}}},"request":{"raw":"GET /premiumtv/socceryouknow.php?id=982 HTTP/1.1\r\nHost: jxoxkplay.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-cache: BYPASS\r\nvideocdnx: NO\r\nnode: PHP\r\ncache-control: public, max-age=30, immutable, no-transform\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=38tDqWmdeRgHdPxjFSLNdT%2FJ6t%2Bqvtj2eU2%2BXnlTVHZICvRsVYWhDg4E9b85qNWHywNFjq79k8Gvxc1iNQEUg%2BLfNezFM1RjEQ%2Bzz0I%3D\"}]}\r\ncf-ray: 97b444ca6905783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49220,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28186), with CRLF line terminators","md5":"da2740f6a81a198b15280e0a9e921a77","sha1":"8da28d99b14c763e4e81650ccce0d729613f332e","sha256":"1d05cace3cde746ac0a56e5a8b519e602a37de8029f629ab20dc2ea899c63ca0","sha512":"24af8026eda93871815f6422d3571d720a3bf0e7156a78105474148e39ff1366739c437d9ef119f4be5c1871ad50ffc3bd7392b6d4fc516b4a298ec56690134f","ssdeep":"768:Y7pzihK72GyQ80GaIoQPzahq/AMOFd4P1UiULcuYlKi/IC0zHhoRga/ppN34Dy6a:+pziM72kGI7MOFiKif9b/ppN34+tUPtG","tlshash":"13232897354ab815432a626114bf2886e0ac4482744f4a78f75cf9263ffb634c4e7ef8","first_seen":"2025-09-07T06:50:18.412729Z","last_seen":"2025-09-07T06:50:18.412729Z","times_seen":1,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":45,"dns":21,"connect":1,"send":0,"wait":176,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldsportz4u.shop/online/stream-982.php","fqdn":"worldsportz4u.shop","domain":"worldsportz4u.shop","tld":"shop"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:53.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"worldsportz4u.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 15 Jul 2025 19:33:09 GMT","end":"Mon, 13 Oct 2025 20:31:25 GMT"},"fingerprint":{"sha1":"81:A3:90:14:CF:A2:45:5C:1D:85:40:2B:38:46:2C:70:53:D1:F0:4B","sha256":"E0:C5:B4:FC:E3:F9:4A:38:4E:40:5D:0C:67:EC:47:FC:38:1D:9F:EA:10:25:9D:26:9D:0C:37:63:F2:63:C5:4C"}}},"request":{"raw":"HEAD /online/stream-982.php HTTP/1.1\r\nHost: worldsportz4u.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/online/stream-982.php\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cu%2FtywLiwgeP4ZyStKtbnHG6iBGCS70l4j3eTAU7SCdEv4JkGBM%2BFwLoe%2BwRaKRDu0HKoQtfokBnzNGWAMKQZUMRfDzry59fJiv6dG3dWmk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 97b444ca5b2656a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":424,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":423,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"acscdn.com/script/aclib.js","fqdn":"acscdn.com","domain":"acscdn.com","tld":"com"},"ip":{"addr":"104.18.16.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"acscdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 17:47:20 GMT","end":"Thu, 09 Oct 2025 18:47:00 GMT"},"fingerprint":{"sha1":"63:1A:7B:92:DA:D9:63:40:A3:A0:9C:C9:93:7F:79:CD:2E:FB:74:83","sha256":"04:1B:0B:F9:88:64:45:59:58:1C:79:60:92:A4:74:68:1A:B8:40:3B:07:FA:A9:FB:E9:BF:89:C1:A4:1A:23:0A"}}},"request":{"raw":"GET /script/aclib.js HTTP/1.1\r\nHost: acscdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:51 GMT\r\ncontent-type: text/javascript\r\ncontent-encoding: gzip\r\nx-guploader-uploadid: ABgVH8_N8HcMLzUXHkLshbQmnX1Zs3LDVgiEW4CFxshQ2hQgePHgUOfjrdwxbsLJbwrWEjW4kW64vr4\r\nx-goog-generation: 1756801415162298\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 146805\r\nx-goog-hash: crc32c=dUhDjg==, md5=xKYff9mA5jyUBHVzHWssCQ==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nexpires: Sun, 07 Sep 2025 07:49:51 GMT\r\ncache-control: public, max-age=3600\r\nlast-modified: Tue, 02 Sep 2025 08:23:35 GMT\r\netag: W/\"c4a61f7fd980e63c940475731d6b2c09\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 3196\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 97b444beeccc7127-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146805,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators","md5":"c4a61f7fd980e63c940475731d6b2c09","sha1":"3d54ab589cf77d966d76313e41cb4543f03664c2","sha256":"2c90513e96889753b8c0aba761a15821342b4f9431073871c233dbdc50e8c71c","sha512":"b795dff08a71edb05d542c74d43cf836b55737298407fdf914db518d8489067f2c72a19a6a3791e3a30099a058f16788c99f88e3b4a4d09f18712ccc105500d1","ssdeep":"3072:G068+RhI8FvQeXO0AFQM4MmMnTQwvS1kK/P/h:B6phN1DFoSXXh","tlshash":"3ce3e849bad2b0f867e261e4942f9646e1371624740e98d5f6fac5d1a879ecf0033e3c","first_seen":"2025-09-02T17:05:36.787597Z","last_seen":"2025-09-11T06:46:03.245891Z","times_seen":209,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":39,"dns":20,"connect":1,"send":0,"wait":10,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylivestream.fun/favicon.ico","fqdn":"daddylivestream.fun","domain":"daddylivestream.fun","tld":"fun"},"ip":{"addr":"104.21.94.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:52.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"daddylivestream.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 15 Aug 2025 16:42:47 GMT","end":"Thu, 13 Nov 2025 17:41:36 GMT"},"fingerprint":{"sha1":"97:3E:84:F4:5D:6F:B6:4A:37:E9:F8:87:69:59:1E:28:7D:25:BF:E6","sha256":"28:7F:B4:0B:F2:0B:41:8E:71:78:C1:13:4B:C8:2D:91:8E:4D:2B:8A:F2:F4:2D:07:A6:74:0C:97:4A:3E:EF:78"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: daddylivestream.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/s-024/D982.php\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=a93d17a4-c1ea-4f21-99f7-837378cf6ca8%3A1%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Sun, 07 Sep 2025 06:49:52 GMT\r\ncontent-type: text/html\r\nvary: accept-encoding\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fpx8WrV6IAqhrpzA26xKNYnjn1n92YP2k%2B1tGBL%2FRwGcteDkSjIprdH9%2BqZJDQti5sSBLfOx1EBx7K5dDk8zndr%2Bo8JA3zSMhNQuEaK60ZNi\"}]}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 97b444c60f5ab4f9-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-04T21:38:04.43785Z","times_seen":115771,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/tag.min.js","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","date":"2025-09-07T06:49:53.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"madurird.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 14:40:28 GMT","end":"Mon, 24 Nov 2025 15:40:23 GMT"},"fingerprint":{"sha1":"A0:04:22:68:B6:F0:81:A9:F5:24:A6:69:28:D0:11:71:F2:D4:85:3B","sha256":"F6:0B:C7:A3:4C:5D:DC:DE:48:21:EE:64:01:46:41:28:38:C8:B4:40:E4:7A:47:06:40:98:E5:25:73:7F:7F:CC"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: madurird.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 97b444cc3d6756aa-OSL\r\nx-trace-id: 4a056f460e620a49ccce2feee48fbdf7\r\ncache-control: public, max-age=14400\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nlast-modified: Sun, 07 Sep 2025 06:11:59 GMT\r\ncf-cache-status: HIT\r\nage: 1697\r\nexpires: Sun, 07 Sep 2025 10:49:53 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109670,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a297f091be61b78a52cfd5e6a10e7ec1","sha1":"7e9581b661e81b2b731ad367c6290b190f3a15be","sha256":"abe381edd3a8481d2e2768d07a0d930ea8dd9f726706a2a2fc34ec1ae048d2c9","sha512":"da3893965dc4d835961c3bb280e765619ed2c15b903ac163fc1ea1bf993315e862b7be0f1586dcb73612ef30446bdb72362041ca931acd80a31830b114c4bfc3","ssdeep":"1536:F6KpKfzIHKJYl2MGRCYmNZ2ClqIZPgAz0Sjf654+DIVV2P6O2e:IK5KJe2Gj2ncr0Sz6+3o6O2e","tlshash":"41b32aca226a241612bf80344457ed1db5aecd81048dcdb8e0e5b8762d78b16d3fbfd9","first_seen":"2025-09-04T13:29:38.94469Z","last_seen":"2025-09-08T05:20:26.030483Z","times_seen":127,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t.dtscout.com/i/?l=https%3A%2F%2Fjxoxkplay.xyz%2Fpremiumtv%2Fsocceryouknow.php%3Fid%3D982\u0026j=https%3A%2F%2Fworldsportz4u.shop%2F","fqdn":"t.dtscout.com","domain":"dtscout.com","tld":"com"},"ip":{"addr":"172.67.70.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","date":"2025-09-07T06:49:53.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dtscout.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 Aug 2025 12:11:28 GMT","end":"Sat, 29 Nov 2025 13:05:40 GMT"},"fingerprint":{"sha1":"8C:1A:8B:5A:0D:05:D0:E1:27:9B:25:7F:4F:AD:2F:0D:B4:F7:E5:14","sha256":"6E:3E:4E:99:17:89:21:6A:AA:63:31:A7:CE:8D:C6:4C:29:96:63:AE:64:9F:42:19:D7:28:92:10:03:EE:8D:75"}}},"request":{"raw":"GET /i/?l=https%3A%2F%2Fjxoxkplay.xyz%2Fpremiumtv%2Fsocceryouknow.php%3Fid%3D982\u0026j=https%3A%2F%2Fworldsportz4u.shop%2F HTTP/1.1\r\nHost: t.dtscout.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-s: mtl2\r\nx-t: 0.479\r\nexpires: Sun, 07 Sep 2025 06:49:53 GMT\r\ncache-control: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xQ1jrcYNqMoQQ04a5V%2B8rwh3jE%2BWw4GzRH0ZHKOozOOrZofv2obRP%2BY9i5ZjhLTh4HnZN%2BeyABNC0Shvpuk4Ceh40vLd1MoXkRY%3D\"}]}\r\ncontent-encoding: br\r\nset-cookie: df=1757227794; SameSite=None; Secure; Path=/; Domain=dtscout.com; Max-Age=8640000; Expires=Tue, 16 Dec 2025 06:49:54 GMT\r\ncf-ray: 97b444cfbcfe56a8-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2079,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2077)","md5":"51bd741af3fcc4984d1a753eebfa1141","sha1":"534664acf69cbbb5c9b97c96b63dd37bdc580da2","sha256":"3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c","sha512":"14958b02aed15cfa48facbdd8e8752ac7d1220631fb6af7658bcd5b804c0be52f9555a1d0ebe0bd68ee3a5f60164d97cbf020884d8757afaa3297d0768ab8886","ssdeep":"","tlshash":"0441a70bb5e9347813a2007a55ff235fb2324928ac1788c08196d804bc785faa1b6ea6","first_seen":"2023-03-07T01:03:00Z","last_seen":"2025-11-28T22:34:42.368027Z","times_seen":7807,"resource_available":true,"data":null}},"time_used":350,"timings":{"blocked":48,"dns":20,"connect":1,"send":0,"wait":254,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.946294159121.js?key=6ae13b8edcf64696bf65510df705d5c5\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Fdaddylivestream.fun%2Fs-024%2FD982.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=97e287fa-730e-4d55-aa82-93ecd9d2e783%3A3%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.946294159121.js?key=6ae13b8edcf64696bf65510df705d5c5\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Fdaddylivestream.fun%2Fs-024%2FD982.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=97e287fa-730e-4d55-aa82-93ecd9d2e783%3A3%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylivestream.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sun, 07 Sep 2025 06:49:52 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://daddylivestream.fun\r\naccess-control-allow-credentials: true\r\nlocation: https://wayfarerorthodox.com/watch.946294159121.js?dev=e\u0026key=6ae13b8edcf64696bf65510df705d5c5\u0026kw=%5B%5D\u0026pst=1757227852\u0026rb=\u0026refer=https%3A%2F%2Fdaddylivestream.fun%2Fs-024%2FD982.php\u0026res=14.3095\u0026rmtc=t\u0026shu=f9b320f81c1c093cd841d210290fc7cd96d88f1e6eef5923c3d70a3f354d417d34c94ca7d1ebab4085419fdfd0a4eafc3664572cf15daceca1e5fcfa3f7969c82642901e371ad2e60b826d59ba03a073da0a74bdaa13f4889689\u0026tz=0\u0026uuid=97e287fa-730e-4d55-aa82-93ecd9d2e783%3A3%3A1\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzMyOTkwNiwiayI6IjZhZTEzYjhlZGNmNjQ2OTZiZjY1NTEwZGY3MDVkNWM1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MjIxMjY0LCJwaWQiOjM5MjgzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyMywicHQiOjQsInBrIjoicjB6cHZzZHBqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2RhZGR5bGl2ZXN0cmVhbS5mdW4vcy0wMjQvRDk4Mi5waHAiLCJhciI6W119fQ.SYNs240O_skLU7EKOykUaTYPOFPjtqJJ_Qr5nIlWJwo; expires=Sun, 07 Sep 2025 06:50:52 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 4\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f959c5615a6438b98b3f057b34fbded3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4882,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":669,"timings":{"blocked":280,"dns":1,"connect":93,"send":0,"wait":104,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTPW8dRRSd5yQUUPARBAXNKyj4sj27s5-kQIQQFBHiKAkKEqKYnQ978L7dZWb3re0qIgJFVA_RQLc-z4kFiRAotEHomS4SUh4NLuKGX4CQUiL0HAuHW9x7z567o3NHZz7fbPYIQ8N3z79Xbpg854vhAu2_dNkUsmxd_9ylvkcX6In-ZVNEwYn-2izZ4eseCxboy_13lFgtF33qUepRr3_aWKXLtcV9Fqa6lXoLKV0I_AUvDLBm_49d04PjPcjhHnkGRk6f_FN_CCMmKAY_nFJutS6r194eNDmvS4uh3H6_WC3KtsDgsNW2B11sH0yjdFNCvp5DWWwfbIByuDXbAJmZkrnn7iMrtg9kIhtef6g0y6EKZPIJtMMJVL4DwycQ5VUYeY8AQuLcEorBjXOlbfn6Q5bP2Ck5-uBvmHZKjt5_FsXg-5O5WetfLPOmNmXhsKY7mLUJzPIEVbODemMOpt2BqD-Fkb-RxQdnUQy2llxewsjdF9NY-Ums-XzMqJoPZBjOc5748ylTQqbSV3HC9q_I6Am4O4LG9dCYHhrdQ1P1MJC7_YAmgfA4i3QqRUwDHgRSZTRNfEp5KmI0YqZ9hLoaQeQjCHsFlb2CVfPlPfYBbPML3MruTzrNmE914glP0JQJmQSe9D3qp1SLWMg0kkmiPRUppcPUZ4LJmHKmWRjIwIslC0QaCB5LT2U8C2gSBl6qpZaUB4prwaIoCGNfaC-UXCjBPRVqoTnTcRqlIvGjwE-pp1jscemriGaJH8kwzThlnMZMcsrjIJOce0wHSZJGSQone3A1wVB2aBVB6whaTtAagrYmaIfddZk733U3ZO6azDuo_kFl3bislzf59bJeVgUBtyNY2W2Z6hN3FaI-Mt7QTo7LWeJZ3Y15JrvNao88PbNDb_OYxara7UdceSxLlBQ6CqI0ynQUhh6VOqahDEUIZzoYNwfuetgwU7J0c4TKTMmxfz5Dxnfg8h0Icxy8eR68Hcd-Ar6ClGKjuC25lOu5GSpXW8UHC7opIMsOVX0U9XpvM98jL-yb86M_voISd8lBQNgOle3wsfmVYDm_Nr5QtmTrQtk68uNSVZuB2eAz416sea0e--5dtd6WVp455UbfvilmxKy9dUm5-iwvpCmWHbl50kip7OnSCkXunHGXVXa-cSsnG1s01dnzb50-M6iscs6UxQTcTMnjf30BYabk-M_f7D_K8JXbMHYC23QYNI9ora7AVYfYlQQ2P8RZRdA23dj62X8fxzbThxO5IcjVIeZZB_cIztQjP_LZUdx0m-4alm0PvL6KYtBhaDsM8w48H8E1R8Z1Ze--8TvbD2R5b5zllmxluZ3xZrevmfIFpUkceSzRymOBFDpMglRGnDKmULvpyp1Xn_o3AAD__-O7YZl6BQAA","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:52.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTPW8dRRSd5yQUUPARBAXNKyj4sj27s5-kQIQQFBHiKAkKEqKYnQ978L7dZWb3re0qIgJFVA_RQLc-z4kFiRAotEHomS4SUh4NLuKGX4CQUiL0HAuHW9x7z567o3NHZz7fbPYIQ8N3z79Xbpg854vhAu2_dNkUsmxd_9ylvkcX6In-ZVNEwYn-2izZ4eseCxboy_13lFgtF33qUepRr3_aWKXLtcV9Fqa6lXoLKV0I_AUvDLBm_49d04PjPcjhHnkGRk6f_FN_CCMmKAY_nFJutS6r194eNDmvS4uh3H6_WC3KtsDgsNW2B11sH0yjdFNCvp5DWWwfbIByuDXbAJmZkrnn7iMrtg9kIhtef6g0y6EKZPIJtMMJVL4DwycQ5VUYeY8AQuLcEorBjXOlbfn6Q5bP2Ck5-uBvmHZKjt5_FsXg-5O5WetfLPOmNmXhsKY7mLUJzPIEVbODemMOpt2BqD-Fkb-RxQdnUQy2llxewsjdF9NY-Ums-XzMqJoPZBjOc5748ylTQqbSV3HC9q_I6Am4O4LG9dCYHhrdQ1P1MJC7_YAmgfA4i3QqRUwDHgRSZTRNfEp5KmI0YqZ9hLoaQeQjCHsFlb2CVfPlPfYBbPML3MruTzrNmE914glP0JQJmQSe9D3qp1SLWMg0kkmiPRUppcPUZ4LJmHKmWRjIwIslC0QaCB5LT2U8C2gSBl6qpZaUB4prwaIoCGNfaC-UXCjBPRVqoTnTcRqlIvGjwE-pp1jscemriGaJH8kwzThlnMZMcsrjIJOce0wHSZJGSQone3A1wVB2aBVB6whaTtAagrYmaIfddZk733U3ZO6azDuo_kFl3bislzf59bJeVgUBtyNY2W2Z6hN3FaI-Mt7QTo7LWeJZ3Y15JrvNao88PbNDb_OYxara7UdceSxLlBQ6CqI0ynQUhh6VOqahDEUIZzoYNwfuetgwU7J0c4TKTMmxfz5Dxnfg8h0Icxy8eR68Hcd-Ar6ClGKjuC25lOu5GSpXW8UHC7opIMsOVX0U9XpvM98jL-yb86M_voISd8lBQNgOle3wsfmVYDm_Nr5QtmTrQtk68uNSVZuB2eAz416sea0e--5dtd6WVp455UbfvilmxKy9dUm5-iwvpCmWHbl50kip7OnSCkXunHGXVXa-cSsnG1s01dnzb50-M6iscs6UxQTcTMnjf30BYabk-M_f7D_K8JXbMHYC23QYNI9ora7AVYfYlQQ2P8RZRdA23dj62X8fxzbThxO5IcjVIeZZB_cIztQjP_LZUdx0m-4alm0PvL6KYtBhaDsM8w48H8E1R8Z1Ze--8TvbD2R5b5zllmxluZ3xZrevmfIFpUkceSzRymOBFDpMglRGnDKmULvpyp1Xn_o3AAD__-O7YZl6BQAA HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzMyOTkwNiwiayI6IjZhZTEzYjhlZGNmNjQ2OTZiZjY1NTEwZGY3MDVkNWM1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MjIxMjY0LCJwaWQiOjM5MjgzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyMywicHQiOjQsInBrIjoicjB6cHZzZHBqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2RhZGR5bGl2ZXN0cmVhbS5mdW4vcy0wMjQvRDk4Mi5waHAiLCJhciI6W119fQ.SYNs240O_skLU7EKOykUaTYPOFPjtqJJ_Qr5nIlWJwo; uid_id2=97e287fa-730e-4d55-aa82-93ecd9d2e783:3:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl27329906=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 07 Sep 2025 06:49:52 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a0494a8d5e9c7b6b6b1ef8119285135e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usrpubtrk.com/ut/hb.php?cb=0.7394742995602224\u0026v=1","fqdn":"usrpubtrk.com","domain":"usrpubtrk.com","tld":"com"},"ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:53.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usrpubtrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 14 Aug 2025 11:57:48 GMT","end":"Wed, 12 Nov 2025 12:55:14 GMT"},"fingerprint":{"sha1":"D4:3E:2D:C6:F4:04:8A:A6:38:80:A6:3F:B8:36:DF:7A:79:B8:B0:6B","sha256":"99:E2:A7:FD:97:EE:35:E5:8B:A6:DB:25:80:B5:FA:55:8E:72:BD:17:CC:CA:CB:6A:DF:CC:70:31:68:4F:F2:57"}}},"request":{"raw":"POST /ut/hb.php?cb=0.7394742995602224\u0026v=1 HTTP/1.1\r\nHost: usrpubtrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 831\r\nOrigin: https://worldsportz4u.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=daOATzVbGFnc67twI%2BASznb6rWaFmjTNEuF2%2Bim%2BRUVxnDU8uNaUJhL%2FcbAVpb1qOblEWezDpj6b%2BYS2ZBkNEiORGumE02T74aHt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 97b444cbec3556b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 07 Sep 2025 06:49:52 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2570\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b2db2e9a6ccf1afd8aa2c91f4060ea25\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5080,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5080), with no line terminators","md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"resource_available":true,"data":null}},"time_used":669,"timings":{"blocked":287,"dns":1,"connect":92,"send":0,"wait":95,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 07 Sep 2025 06:49:51 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: dc600e69ddb6a767e29c09041e352da9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":170,"timings":{"blocked":65,"dns":5,"connect":17,"send":0,"wait":24,"receive":18,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:52.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 07 Sep 2025 06:49:52 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 64c1e9ab00f1ffcceb6c10e62712cb07\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/suurl5.php?r=6707202\u0026cbur=0.15356429221849655\u0026cbiframe=1\u0026cbWidth=850\u0026cbHeight=550\u0026cbtitle=\u0026cbpage=https%3A%2F%2Fdaddylivestream.fun%2F\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=asqemyfadrdfj.site\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1757227792967\u0026srs=7e9ce057390c8943318ba1563e2aecfe\u0026atv=68.2\u0026abtg=1\u0026adbv=3-cdn-js","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"104.21.78.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:52.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 17:58:51 GMT","end":"Sat, 08 Nov 2025 17:08:08 GMT"},"fingerprint":{"sha1":"EA:C4:03:00:5B:31:55:C6:59:67:78:25:B3:B7:46:0C:EC:DE:30:70","sha256":"D9:CD:23:32:1E:FF:B8:A4:2F:94:7E:6F:7B:49:CF:2A:8E:F8:87:04:44:A7:C7:E1:3C:53:1B:9F:D1:3A:94:D5"}}},"request":{"raw":"GET /script/suurl5.php?r=6707202\u0026cbur=0.15356429221849655\u0026cbiframe=1\u0026cbWidth=850\u0026cbHeight=550\u0026cbtitle=\u0026cbpage=https%3A%2F%2Fdaddylivestream.fun%2F\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=asqemyfadrdfj.site\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1757227792967\u0026srs=7e9ce057390c8943318ba1563e2aecfe\u0026atv=68.2\u0026abtg=1\u0026adbv=3-cdn-js HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://worldsportz4u.shop/\r\nOrigin: https://worldsportz4u.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RzyQO0IsfszbL79b7T83jq%2FFbZiSwj5797J0vgJMdTJHDK%2Fse1ozDCQWCdfGQS2SZK6Dc8V%2BOmbJmihiNgDOHdtSDPdzEE6AW6Q8Rzh%2BYg7W\"}]}\r\ncf-ray: 97b444ca1afc56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1018,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"590a9e69067d7c8edfc7e8668a668f62","sha1":"1bcf5a97a969c4d10851c55fbad233893148295b","sha256":"916ca0c8255bb4478ffbd305a3ea93254197f4c9b43ff0b916a9589a956076ee","sha512":"6ec1773d703010ce2e8383760d1d5102e62a1a5585cd2f14d60694701cc69883727f34edf2c5731a71f66c657ea6c0c99d9c3d126d8c284ac8a52e484e24eb4e","ssdeep":"","tlshash":"1011a8122ddc7c491ca6228cc3aa141f003268f5e7f0610146f86c959c7c9c0695f5b7","first_seen":"2025-09-07T06:50:18.417442Z","last_seen":"2025-09-07T06:50:18.417442Z","times_seen":1,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","date":"2025-09-07T06:49:53.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jxoxkplay.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 18:24:49 GMT","end":"Sun, 09 Nov 2025 19:21:25 GMT"},"fingerprint":{"sha1":"F9:C9:6D:AE:27:E4:51:15:EB:CE:17:8D:87:A8:7A:36:1C:46:F3:42","sha256":"90:CC:17:79:CA:44:5D:24:3F:E9:35:D2:27:2D:DE:C4:40:75:68:37:45:8C:A8:06:D7:48:D4:2D:1E:ED:0E:2E"}}},"request":{"raw":"HEAD /premiumtv/socceryouknow.php?id=982 HTTP/1.1\r\nHost: jxoxkplay.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i3SFXJ%2FMjvlCC8GgJpEf9DR29o5C5FTO4YVsnjIM9QIwc5n5H2%2Bp76snVujC%2BbieG1MOQpe4eOVn89%2FKP%2BqGwAewdTAyh0ve1y1o\"}]}\r\nx-cache: BYPASS\r\nvideocdnx: NO\r\nnode: PHP\r\ncache-control: public, max-age=30, immutable, no-transform\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 97b444ccc9d65696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":170,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bt2pt.com/5/9713738/?oo=1\u0026js_build=iclick-v1.1565.0\u0026userId=08023d4e2ded49c1e316316004f6f031\u0026dmn=al5sm.com\u0026tt=2\u0026ix=1","fqdn":"bt2pt.com","domain":"bt2pt.com","tld":"com"},"ip":{"addr":"139.45.197.116","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:53.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bt2pt.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 11 Jul 2025 05:09:01 GMT","end":"Thu, 09 Oct 2025 05:09:00 GMT"},"fingerprint":{"sha1":"78:82:8F:6D:B1:4C:3A:97:CA:D5:E3:DE:FA:B2:53:FF:66:0D:3C:23","sha256":"F4:87:3B:99:50:D9:95:1F:D6:ED:B7:A4:0B:FA:1C:A3:0C:64:04:03:0A:99:70:E3:63:B2:F0:3E:A1:58:F3:05"}}},"request":{"raw":"POST /5/9713738/?oo=1\u0026js_build=iclick-v1.1565.0\u0026userId=08023d4e2ded49c1e316316004f6f031\u0026dmn=al5sm.com\u0026tt=2\u0026ix=1 HTTP/1.1\r\nHost: bt2pt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2684\r\nOrigin: https://worldsportz4u.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://worldsportz4u.shop\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":109,"dns":22,"connect":26,"send":0,"wait":30,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usrpubtrk.com/ut/hb.php?cb=0.10144308987602613\u0026v=1","fqdn":"usrpubtrk.com","domain":"usrpubtrk.com","tld":"com"},"ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usrpubtrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 14 Aug 2025 11:57:48 GMT","end":"Wed, 12 Nov 2025 12:55:14 GMT"},"fingerprint":{"sha1":"D4:3E:2D:C6:F4:04:8A:A6:38:80:A6:3F:B8:36:DF:7A:79:B8:B0:6B","sha256":"99:E2:A7:FD:97:EE:35:E5:8B:A6:DB:25:80:B5:FA:55:8E:72:BD:17:CC:CA:CB:6A:DF:CC:70:31:68:4F:F2:57"}}},"request":{"raw":"POST /ut/hb.php?cb=0.10144308987602613\u0026v=1 HTTP/1.1\r\nHost: usrpubtrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 819\r\nOrigin: https://daddylivestream.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 07 Sep 2025 06:49:52 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M2%2FkL2g0%2B0Pfws685jYK6cY42lsfUES7ZcrbNtvI01R0rWvlEvZJAejDz5AX0LM%2BnpNGwpzaeuBQU52BKv%2BGNa7v%2BIzrmluGJqLR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 97b444c3ec9956ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":47,"dns":32,"connect":1,"send":0,"wait":145,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1176\u0026rd=1176\u0026fd=526\u0026bv=25.8.6603\u0026tmpl=70","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:52.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1176\u0026rd=1176\u0026fd=526\u0026bv=25.8.6603\u0026tmpl=70 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzMyOTkwNiwiayI6IjZhZTEzYjhlZGNmNjQ2OTZiZjY1NTEwZGY3MDVkNWM1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MjIxMjY0LCJwaWQiOjM5MjgzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyMywicHQiOjQsInBrIjoicjB6cHZzZHBqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2RhZGR5bGl2ZXN0cmVhbS5mdW4vcy0wMjQvRDk4Mi5waHAiLCJhciI6W119fQ.SYNs240O_skLU7EKOykUaTYPOFPjtqJJ_Qr5nIlWJwo; uid_id2=97e287fa-730e-4d55-aa82-93ecd9d2e783:3:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl27329906=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 07 Sep 2025 06:49:52 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","date":"2025-09-07T06:49:53.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 0.3.13\r\nx-jsd-version-type: version\r\netag: W/\"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 1154\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\nx-served-by: cache-fra-etou8220029-FRA, cache-hel1410025-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 145133\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":525081,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f55c6c796275a41ce7d97bd160e648ff","sha1":"936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89","sha256":"db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c","sha512":"3b01da86fa5b757041d7c03a186faad290c34f12fea78cc5ec53e4396491b16393c03e794bbead5a726f21c49f80894824eb65a87122c68a22cb2043ec6eda0e","ssdeep":"6144:q2ffwZI3wKqMSxeUKn5+q4Qc7vije4RDgv7VTG:qSoKqM9Upbz6R","tlshash":"c5b41b9876e5b0654393a0b8503f020b723bad6e7005a1ecf76de9e95db884d6037f78","first_seen":"2023-03-07T01:14:45Z","last_seen":"2026-04-04T19:33:28.165428Z","times_seen":2298,"resource_available":true,"data":null}},"time_used":159,"timings":{"blocked":45,"dns":1,"connect":15,"send":0,"wait":32,"receive":29,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=a93d17a4-c1ea-4f21-99f7-837378cf6ca8\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=688bfa9126cbe6934301445222184ffd\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=6","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:53.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=a93d17a4-c1ea-4f21-99f7-837378cf6ca8\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=688bfa9126cbe6934301445222184ffd\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=6 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 07 Sep 2025 06:49:53 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e3db88e53bf9684e8ca8a4ea85f7dcb1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":691,"timings":{"blocked":296,"dns":3,"connect":93,"send":0,"wait":97,"receive":1,"ssl":197},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylivestream.fun/s-024/D982.php","fqdn":"daddylivestream.fun","domain":"daddylivestream.fun","tld":"fun"},"ip":{"addr":"104.21.94.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-07T06:49:50.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"daddylivestream.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 15 Aug 2025 16:42:47 GMT","end":"Thu, 13 Nov 2025 17:41:36 GMT"},"fingerprint":{"sha1":"97:3E:84:F4:5D:6F:B6:4A:37:E9:F8:87:69:59:1E:28:7D:25:BF:E6","sha256":"28:7F:B4:0B:F2:0B:41:8E:71:78:C1:13:4B:C8:2D:91:8E:4D:2B:8A:F2:F4:2D:07:A6:74:0C:97:4A:3E:EF:78"}}},"request":{"raw":"GET /s-024/D982.php HTTP/1.1\r\nHost: daddylivestream.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:50 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HUq0gwGQL4rkar2ub2FXjlcK%2Fj0ZgSI%2F413iM0ypU9KwN7Gt2El8Kg2hqiJZWGPpwbn79zFUMvMqku%2FGF3uiEO6GW847qB868HD4wuXwjVZVsRg%3D\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\ncf-ray: 97b444bcce3e3181-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":29666,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (28163), with CRLF line terminators","md5":"bdad4f2dd54e66a3423f4fdba7f03a2e","sha1":"f7636cf96744cbbd3bab6fae0bd72d17defe4c37","sha256":"17fb8e3c71b6b3e73a159cb290d1afaf5892971cd2ef741ecaceb347da716587","sha512":"d1e4d787d247b052ec18a43c0bcb1965951f3e05b43e9f67e3cd7a544a816131c44d40a73880e8d5f40b65953a84733379945cfbc2b89bc961d6c7ca5e083d39","ssdeep":"384:7v0a/K7iYFRdYtrGTX0Qen9tO69aI8tAUeNDaUGRQ2t4PpBahqoo+KXnS7YhfGMS:7K72rGQQ80GaIoQPzahq/AMOUDpQ4C","tlshash":"8dd2f5ab321eb90a8b19616150ff2d85a1cc44c0718f5b78f764e43674eb63485ebef8","first_seen":"2025-09-07T06:50:18.418997Z","last_seen":"2025-09-07T06:50:18.418997Z","times_seen":1,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":57,"dns":39,"connect":1,"send":0,"wait":142,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"oyo4d.com/5/6712285/?oo=1\u0026js_build=iclick-v1.1565.0\u0026userId=08023d4e2ded49c1e316316004f6f031\u0026dmn=madurird.com\u0026tt=2\u0026ix=1","fqdn":"oyo4d.com","domain":"oyo4d.com","tld":"com"},"ip":{"addr":"139.45.197.118","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:56.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oyo4d.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Aug 2025 05:09:42 GMT","end":"Thu, 30 Oct 2025 05:09:41 GMT"},"fingerprint":{"sha1":"CA:B0:55:2C:92:65:6D:F3:1E:6D:BA:45:88:FD:65:2F:07:36:13:27","sha256":"DA:EB:6B:D8:17:3D:D3:8F:2D:0D:B8:71:CE:2B:40:9E:83:B9:6F:46:25:7F:24:C5:24:83:76:CC:BB:09:4A:7F"}}},"request":{"raw":"POST /5/6712285/?oo=1\u0026js_build=iclick-v1.1565.0\u0026userId=08023d4e2ded49c1e316316004f6f031\u0026dmn=madurird.com\u0026tt=2\u0026ix=1 HTTP/1.1\r\nHost: oyo4d.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2684\r\nOrigin: https://worldsportz4u.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sun, 07 Sep 2025 06:49:56 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://worldsportz4u.shop\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"worldsportz4u.shop/online/stream-982.php","fqdn":"worldsportz4u.shop","domain":"worldsportz4u.shop","tld":"shop"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"worldsportz4u.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 15 Jul 2025 19:33:09 GMT","end":"Mon, 13 Oct 2025 20:31:25 GMT"},"fingerprint":{"sha1":"81:A3:90:14:CF:A2:45:5C:1D:85:40:2B:38:46:2C:70:53:D1:F0:4B","sha256":"E0:C5:B4:FC:E3:F9:4A:38:4E:40:5D:0C:67:EC:47:FC:38:1D:9F:EA:10:25:9D:26:9D:0C:37:63:F2:63:C5:4C"}}},"request":{"raw":"GET /online/stream-982.php HTTP/1.1\r\nHost: worldsportz4u.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CdR%2BWj%2F12SYGMCX8eQtCGwn18%2Brz3nr0IsmezOhCQNv7VZJFbkGEqtlqOuSNoYnyvo1pKNmFo1097pVzPHkg3dHxGNFSe9GBNSpUS6%2BOlqI%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 97b444c28b5056c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":307463,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (48337), with LF, NEL line terminators","md5":"29fe72987eaa3af739f18d4bfeb23890","sha1":"c30f610971f1bd648ae57a09a5f80b49431302ab","sha256":"729a1b32fb5f1cd9bafa3e6f53875c24f31dac5bcb582e09d63a8eb61063d573","sha512":"3862da8c6fddf6791ad180d51fb5c14f3724e5ff0db015cb83f55416e7b4f4c6074c8bdff0c0937f5fadd14f5404105d9ce23eaf89ef6252d71c0be78462a9af","ssdeep":"6144:j+rFR9B39FjG6Y3jeumFQg/BJojGQaA/TBEOBsBrufLnprTrM5:j+RRr39FjZY3j7mFQg/LoXaA/TBEOBYr","tlshash":"06644b493252b2b63bd150d55c3f6505e2365059780e8428f6ecc8e2a9afdce6237fbc","first_seen":"2025-09-07T06:50:18.420069Z","last_seen":"2025-09-07T06:50:18.420069Z","times_seen":1,"resource_available":false,"data":null}},"time_used":561,"timings":{"blocked":67,"dns":27,"connect":1,"send":0,"wait":427,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/tag.min.js","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:52.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"madurird.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 14:40:28 GMT","end":"Mon, 24 Nov 2025 15:40:23 GMT"},"fingerprint":{"sha1":"A0:04:22:68:B6:F0:81:A9:F5:24:A6:69:28:D0:11:71:F2:D4:85:3B","sha256":"F6:0B:C7:A3:4C:5D:DC:DE:48:21:EE:64:01:46:41:28:38:C8:B4:40:E4:7A:47:06:40:98:E5:25:73:7F:7F:CC"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: madurird.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:52 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 97b444c6283d56aa-OSL\r\nx-trace-id: 4a056f460e620a49ccce2feee48fbdf7\r\ncache-control: public, max-age=14400\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nlast-modified: Sun, 07 Sep 2025 06:11:59 GMT\r\ncf-cache-status: HIT\r\nage: 1696\r\nexpires: Sun, 07 Sep 2025 10:49:52 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109670,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a297f091be61b78a52cfd5e6a10e7ec1","sha1":"7e9581b661e81b2b731ad367c6290b190f3a15be","sha256":"abe381edd3a8481d2e2768d07a0d930ea8dd9f726706a2a2fc34ec1ae048d2c9","sha512":"da3893965dc4d835961c3bb280e765619ed2c15b903ac163fc1ea1bf993315e862b7be0f1586dcb73612ef30446bdb72362041ca931acd80a31830b114c4bfc3","ssdeep":"1536:F6KpKfzIHKJYl2MGRCYmNZ2ClqIZPgAz0Sjf654+DIVV2P6O2e:IK5KJe2Gj2ncr0Sz6+3o6O2e","tlshash":"41b32aca226a241612bf80344457ed1db5aecd81048dcdb8e0e5b8762d78b16d3fbfd9","first_seen":"2025-09-04T13:29:38.94469Z","last_seen":"2025-09-08T05:20:26.030483Z","times_seen":127,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bt2pt.com/5/9713738/?oo=1\u0026js_build=iclick-v1.1565.0\u0026userId=08023d4e2ded49c1e316316004f6f031\u0026dmn=al5sm.com\u0026tt=2\u0026ix=1","fqdn":"bt2pt.com","domain":"bt2pt.com","tld":"com"},"ip":{"addr":"139.45.197.116","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:54.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bt2pt.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 11 Jul 2025 05:09:01 GMT","end":"Thu, 09 Oct 2025 05:09:00 GMT"},"fingerprint":{"sha1":"78:82:8F:6D:B1:4C:3A:97:CA:D5:E3:DE:FA:B2:53:FF:66:0D:3C:23","sha256":"F4:87:3B:99:50:D9:95:1F:D6:ED:B7:A4:0B:FA:1C:A3:0C:64:04:03:0A:99:70:E3:63:B2:F0:3E:A1:58:F3:05"}}},"request":{"raw":"POST /5/9713738/?oo=1\u0026js_build=iclick-v1.1565.0\u0026userId=08023d4e2ded49c1e316316004f6f031\u0026dmn=al5sm.com\u0026tt=2\u0026ix=1 HTTP/1.1\r\nHost: bt2pt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2684\r\nOrigin: https://worldsportz4u.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sun, 07 Sep 2025 06:49:54 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://worldsportz4u.shop\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"madurird.com/tag.min.js","fqdn":"madurird.com","domain":"madurird.com","tld":"com"},"ip":{"addr":"172.64.146.197","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"madurird.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 26 Aug 2025 14:40:28 GMT","end":"Mon, 24 Nov 2025 15:40:23 GMT"},"fingerprint":{"sha1":"A0:04:22:68:B6:F0:81:A9:F5:24:A6:69:28:D0:11:71:F2:D4:85:3B","sha256":"F6:0B:C7:A3:4C:5D:DC:DE:48:21:EE:64:01:46:41:28:38:C8:B4:40:E4:7A:47:06:40:98:E5:25:73:7F:7F:CC"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: madurird.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:51 GMT\r\ncontent-type: application/javascript\r\ncf-ray: 97b444bee93456c3-OSL\r\nx-trace-id: 1dbb0371154234bbcfa800887cb8c02d\r\ncache-control: public, max-age=14400\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *, *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nlast-modified: Sun, 07 Sep 2025 06:42:00 GMT\r\ncf-cache-status: HIT\r\nage: 276\r\nexpires: Sun, 07 Sep 2025 10:49:51 GMT\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109670,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a297f091be61b78a52cfd5e6a10e7ec1","sha1":"7e9581b661e81b2b731ad367c6290b190f3a15be","sha256":"abe381edd3a8481d2e2768d07a0d930ea8dd9f726706a2a2fc34ec1ae048d2c9","sha512":"da3893965dc4d835961c3bb280e765619ed2c15b903ac163fc1ea1bf993315e862b7be0f1586dcb73612ef30446bdb72362041ca931acd80a31830b114c4bfc3","ssdeep":"1536:F6KpKfzIHKJYl2MGRCYmNZ2ClqIZPgAz0Sjf654+DIVV2P6O2e:IK5KJe2Gj2ncr0Sz6+3o6O2e","tlshash":"41b32aca226a241612bf80344457ed1db5aecd81048dcdb8e0e5b8762d78b16d3fbfd9","first_seen":"2025-09-04T13:29:38.94469Z","last_seen":"2025-09-08T05:20:26.030483Z","times_seen":127,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":37,"dns":20,"connect":1,"send":0,"wait":14,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cb.vleigearman.com/rVjkGPT6iMLH4RZ3/69521","fqdn":"cb.vleigearman.com","domain":"vleigearman.com","tld":"com"},"ip":{"addr":"23.109.170.255","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:52.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cb.vleigearman.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 16 Jul 2025 08:04:39 GMT","end":"Tue, 14 Oct 2025 08:04:38 GMT"},"fingerprint":{"sha1":"88:16:C1:C2:30:C4:29:CC:F2:72:1B:D5:BE:82:23:DE:07:1A:A1:1B","sha256":"68:14:61:D3:31:FC:72:EC:5C:BF:65:AF:62:8B:DB:F7:8D:97:0B:1E:B7:F7:71:CD:85:75:F1:9E:07:7C:20:F9"}}},"request":{"raw":"GET /rVjkGPT6iMLH4RZ3/69521 HTTP/1.1\r\nHost: cb.vleigearman.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 07 Sep 2025 06:49:52 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nAccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://worldsportz4u.shop\r\nAccess-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\nAccess-Control-Max-Age: 600\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nSet-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Mon, 08-Sep-2025 06:49:52 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwVyM0KgkAUhuE5hxiIJPjA9l6BadnCbbYMXXgFZhEDwxyZGfu5%2B2zxLp5XKcVpAjYTkrrM6yKvDnl5qkBPcNuBRwfdin8PX5AHF0ewd9h0wUrWyOzi8kes%2FgYZbM%2FWfLJe7ByNuABeWjfDzT72l%2F4KmjSBo2gGh3uqQC%2B9%2BwFe7x3U; expires=Mon, 08-Sep-2025 06:49:52 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=1\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-04-04T21:36:52.046697Z","times_seen":14823,"resource_available":true,"data":null}},"time_used":386,"timings":{"blocked":181,"dns":127,"connect":17,"send":0,"wait":22,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"cb.vleigearman.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:53.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 07 Sep 2025 06:49:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 166bb4ececaa423f7e246ea89df7f79e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","date":"2025-09-07T06:49:53.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://jxoxkplay.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nCookie: ID=08023d4e2ded49c1e316316004f6f031\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://jxoxkplay.xyz\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=08023d4e2ded49c1e316316004f6f031; expires=Mon, 07 Sep 2026 06:49:53 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 97b444cdece8120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"216cdada1ab00ca3359a53cdcebcda1f","sha1":"c5767b85b32f748d7aafb1f28ac147e6f0a4120b","sha256":"7687795b979ecbe04647e369ff5bb39a3cbd64c7f140a9a246447a21caecb9db","sha512":"e5a13bb3406b217f2d38f44b00deb63d8df96ad878df8d1b4a043b9017ee56d0dfd43c84029d681f593717782c6f16eb2b73aecf4e719aaa6f5d76118725df5c","ssdeep":"","tlshash":"09a00290597d26c5c44066a55a8b8691404d51d1dc44729881f88402318b9cc49cba4c","first_seen":"2025-09-07T06:50:18.410775Z","last_seen":"2025-09-07T06:50:18.410775Z","times_seen":1,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/interstitial.php?r=9830542\u0026srs=7e9ce057390c8943318ba1563e2aecfe\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026cbpage=https%3A%2F%2Fdaddylivestream.fun%2F\u0026atv=68.2\u0026cbref=\u0026pblcz=6707202\u0026abtg=1\u0026adbv=3-cdn-js","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"104.21.78.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:53.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 17:58:51 GMT","end":"Sat, 08 Nov 2025 17:08:08 GMT"},"fingerprint":{"sha1":"EA:C4:03:00:5B:31:55:C6:59:67:78:25:B3:B7:46:0C:EC:DE:30:70","sha256":"D9:CD:23:32:1E:FF:B8:A4:2F:94:7E:6F:7B:49:CF:2A:8E:F8:87:04:44:A7:C7:E1:3C:53:1B:9F:D1:3A:94:D5"}}},"request":{"raw":"GET /script/interstitial.php?r=9830542\u0026srs=7e9ce057390c8943318ba1563e2aecfe\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026cbpage=https%3A%2F%2Fdaddylivestream.fun%2F\u0026atv=68.2\u0026cbref=\u0026pblcz=6707202\u0026abtg=1\u0026adbv=3-cdn-js HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://worldsportz4u.shop/\r\nOrigin: https://worldsportz4u.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PusB8DZIkJ43BGREzuhGL0Ht5YJGc%2B4gQZ9z2m0ZPEB27Sfl0ttfKY%2BZGBWFN7cfCd8cnwEyhqPE6ty%2F71MZ9DJkqBji%2FZCz2PfJuEJUkMbzpU8%3D\"}]}\r\ncf-ray: 97b444cbeaa35a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1465,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"49435692bafbe963b43db0ccce99085d","sha1":"2d6e31022c4b42dce72158288317ea80181ca5ac","sha256":"8a56087bf9a152aa45dabe528960cbc2737147635fcc5bfcce446b2576c18a69","sha512":"114894a25079814b0e57f0d00b5cb01540ae2e647c371816313c8d99f00b7906bfd92dbb1f8b4ed8aa7506831c115f1af8cf1f3b3daa422dfb7ddc98dd25dd00","ssdeep":"","tlshash":"5631996f4d78dab5491df0dacc4e6a940b471152bd047c3dc8f65d5a50ad8740154a63","first_seen":"2025-09-07T06:50:18.421565Z","last_seen":"2025-09-07T06:50:18.421565Z","times_seen":1,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.159.241.11","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylivestream.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:51 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://daddylivestream.fun\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=97e287fa-730e-4d55-aa82-93ecd9d2e783:3:1; expires=Wed, 05 Sep 2035 06:49:51 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"ec84cff83ecbdc9422833935be49ed1f","sha1":"da1b5b55ecd3a311f412721121a9ec3fc66f18b0","sha256":"a75b202070629e7daa3476f6d303d7c6082c46a76de30e3010f14a464be735af","sha512":"ec846c7dcda028cc4ba2b87fad2dc96a5af954ce2a55467a5d364136d3b79ac4a4945c89caf13870dcf7e41ea121b1438d4636705c078e311ac6600e32cbf3a0","ssdeep":"","tlshash":"9390040507f7503030c554fd0c41c50441c05434001117503104704d54050d1050115d","first_seen":"2025-09-07T06:50:18.422521Z","last_seen":"2025-09-07T06:50:18.422521Z","times_seen":1,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":93,"dns":1,"connect":21,"send":0,"wait":21,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=904\u0026rd=904\u0026fd=552\u0026bv=25.8.6603\u0026tmpl=70","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=904\u0026rd=904\u0026fd=552\u0026bv=25.8.6603\u0026tmpl=70 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 07 Sep 2025 06:49:52 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":684,"timings":{"blocked":299,"dns":4,"connect":93,"send":0,"wait":96,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 07 Sep 2025 06:49:52 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2570\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b42dbce5a941641dcc780b68a1a8b7cd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":5080,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5080), with no line terminators","md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"resource_available":true,"data":null}},"time_used":679,"timings":{"blocked":288,"dns":4,"connect":93,"send":0,"wait":101,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"oyo4d.com/5/9729359/?oo=1\u0026js_build=iclick-v1.1565.0\u0026userId=08023d4e2ded49c1e316316004f6f031\u0026dmn=madurird.com\u0026tt=2\u0026ix=0","fqdn":"oyo4d.com","domain":"oyo4d.com","tld":"com"},"ip":{"addr":"139.45.197.118","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:52.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oyo4d.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Aug 2025 05:09:42 GMT","end":"Thu, 30 Oct 2025 05:09:41 GMT"},"fingerprint":{"sha1":"CA:B0:55:2C:92:65:6D:F3:1E:6D:BA:45:88:FD:65:2F:07:36:13:27","sha256":"DA:EB:6B:D8:17:3D:D3:8F:2D:0D:B8:71:CE:2B:40:9E:83:B9:6F:46:25:7F:24:C5:24:83:76:CC:BB:09:4A:7F"}}},"request":{"raw":"POST /5/9729359/?oo=1\u0026js_build=iclick-v1.1565.0\u0026userId=08023d4e2ded49c1e316316004f6f031\u0026dmn=madurird.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: oyo4d.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2614\r\nOrigin: https://daddylivestream.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 403 Forbidden\r\nserver: nginx\r\ndate: Sun, 07 Sep 2025 06:49:52 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 7\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://daddylivestream.fun\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"758ff964ee78d0c90f3a14d8d4af8ab3","sha1":"f248d30ac9849b0ead400537632beb02c9c703d1","sha256":"00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe","sha512":"6e24902fb4b9391c2a98b8cc2fa4bcc2a4793cbb591cf8670ffc1f50ba8b3dda2fe350b83a0ff5f3c8631bd66980ac4d8cb9c56bd2d8c891f0491d20c2fa5b6b","ssdeep":"","tlshash":"cf40000000030000c0000300300300000000000000000000000c000c00000303000000","first_seen":"2023-04-05T14:00:46Z","last_seen":"2026-04-04T15:40:15.016944Z","times_seen":2090,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":98,"dns":14,"connect":26,"send":0,"wait":26,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/7a/46/02/7a4602835f3f38811ae9549a1e65af83/1756656897.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:52.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 10 Jul 2025 02:33:11 GMT","end":"Wed, 08 Oct 2025 02:33:10 GMT"},"fingerprint":{"sha1":"06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9","sha256":"CF:05:58:46:C3:07:3F:B6:A6:8D:42:F2:3B:3D:91:36:93:10:CB:D5:89:47:A3:62:26:D2:F3:BA:AC:51:0E:B7"}}},"request":{"raw":"GET /cti/7a/46/02/7a4602835f3f38811ae9549a1e65af83/1756656897.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 64738\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:14:58 GMT\r\netag: \"68b47502-fce2\"\r\nexpires: Tue, 09 Sep 2025 06:49:52 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64738,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 15:43:55], progressive, precision 8, 728x90, components 3","md5":"a2b837691ec08bb81b1f2ad3a31ad6c2","sha1":"0ffac46d2256df762ecf0fe356f5f2c5e25635aa","sha256":"571690e4918f9915606cb6dd208c40161bf0a9a66f1fdc186a2f1b6c3cec0508","sha512":"55926574ca9f39d09424e6e6a9f5af97cda6263ea9fe75f0422085f5495dc9f0b01a928bd435278e651678d8b2dce587e7b0475f3bdf7a1f061872be165a8b59","ssdeep":"768://CXip/CD8YyBd6tQ/rC2wUKjyZe9AgBmC9wCUgaDur+TREUM64BHkye1KBZc57x:6892aGqmDBmc90Dg+y+4ZcUrANdN","tlshash":"e453f1a5ab56de21fcf056749ae0c2d31512b995d7a33a0238ec3645bf6a3d5cc0d30b","first_seen":"2025-09-02T16:44:03.401678Z","last_seen":"2026-04-04T20:13:13.296667Z","times_seen":644,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":46,"dns":1,"connect":19,"send":0,"wait":38,"receive":26,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"incompetencesorting.com/68/8b/fa/688bfa9126cbe6934301445222184ffd.js","fqdn":"incompetencesorting.com","domain":"incompetencesorting.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"incompetencesorting.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Jul 2025 21:45:36 GMT","end":"Wed, 22 Oct 2025 21:45:35 GMT"},"fingerprint":{"sha1":"08:42:80:4E:CE:E8:BF:66:25:50:CE:0A:BE:73:AD:AD:72:9D:2B:8C","sha256":"67:19:BF:6F:5C:9C:C9:F8:F5:71:F1:3E:F2:9E:D5:ED:D5:B2:6C:DE:A3:AA:9B:FD:EF:14:7A:B8:79:A8:74:4A"}}},"request":{"raw":"GET /68/8b/fa/688bfa9126cbe6934301445222184ffd.js HTTP/1.1\r\nHost: incompetencesorting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 07 Sep 2025 06:49:51 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 39538\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: incompetencesorting.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9aa2331f8092f96c65b08b3eb2613418\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":110158,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e08088ded877492d71dfa50d35cc3a26","sha1":"82ecc964d793fb9fcc364085f229ad576bac5d0f","sha256":"3c6aef810d934181b9627c2c2ea2b5cfeccd6606b828dd83cd4b202620bda478","sha512":"ebc74a0931144478be6db154b0986b9ea1a17ba1a98dd40effd5277b0a4422246ca12855e32c13c51525615f560ab95e419b48a01c67cdde405f6c88f8428134","ssdeep":"1536:x8FO2Og6h8Z1zbcz7eg3Z+FhVO1TOCo8PkiYYo170BbEtla6xT3I:TD8vCGVIl+RQEtl0","tlshash":"3bb3b7887f80f56c115630b2232fa04af2e95e41a8ccd548f557fde92a2d377b439a78","first_seen":"2025-09-07T06:50:18.424596Z","last_seen":"2025-09-07T06:50:18.424596Z","times_seen":1,"resource_available":true,"data":null}},"time_used":840,"timings":{"blocked":320,"dns":40,"connect":94,"send":0,"wait":100,"receive":94,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"incompetencesorting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"al5sm.com/tag.min.js","fqdn":"al5sm.com","domain":"al5sm.com","tld":"com"},"ip":{"addr":"172.67.218.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:52.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"al5sm.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 12 Jul 2025 14:11:18 GMT","end":"Fri, 10 Oct 2025 15:09:42 GMT"},"fingerprint":{"sha1":"D8:6F:57:F9:E3:25:8E:F9:48:17:D4:67:0B:11:37:EB:47:21:A0:FC","sha256":"7B:11:60:4B:EE:E9:4B:BB:A4:B2:81:FF:6E:71:C3:35:5C:77:F6:17:DB:9F:A3:3A:A1:84:10:05:40:08:EF:68"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: al5sm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nx-trace-id: 6e3383ac47a264485cb23206ad3367d2\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1789\r\ncf-cache-status: HIT\r\nlast-modified: Sun, 07 Sep 2025 06:20:04 GMT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RwxCV54a5MwNse3Z7rN%2FRjLbn7Ekn%2FqsQMk%2BFGbkhzv75oQqUt2I8VPkVPcsjBKpekIxWfrykTv45R%2Bs7vFX6ngWG6ISK2g%3D\"}]}\r\ncf-ray: 97b444ca6af5b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109670,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c5c814d199e63bb78cd152255d04c2fa","sha1":"c9ae4be788a8f36815c9043a1ef187d9e463fd21","sha256":"834a5917c5adafa0e4b7fd3ae6631f8f08d09eb046881b5fa2e1d4f57fa37a77","sha512":"c2219dd451267968d03c74a10460b4032a3d1a5a8a7e819a9cc1c6d8a019b0ba54bb2ad531fd8807bd3bc754aea033b95527663f71a03c9ed4f49067cb09dfa1","ssdeep":"1536:F6KpKfzIHKJYl2MGRCYgNZ2ClqIZPgAz0Sjf654+DIVV2P6O2e:IK5KJe2GF2ncr0Sz6+3o6O2e","tlshash":"f2b32aca226a241612bf80344457ed1db5aecd81048dcdb8e0e5b8762d78b16d3fbfd9","first_seen":"2025-09-04T22:22:15.10742Z","last_seen":"2025-09-07T20:22:42.614483Z","times_seen":16,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":47,"dns":21,"connect":1,"send":0,"wait":11,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/disable-devtool@latest/disable-devtool.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","date":"2025-09-07T06:49:53.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/disable-devtool@latest/disable-devtool.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 0.3.9\r\nx-jsd-version-type: version\r\netag: W/\"4514-YJEJ2C3rDH3T2dISgI3LoFSM49E\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\nage: 35836\r\nx-served-by: cache-fra-etou8220123-FRA, cache-hel1410025-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 6646\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17684,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17663)","md5":"7fa174926682313cc5a067077b0bb22d","sha1":"609109d82deb0c7dd3d9d212808dcba0548ce3d1","sha256":"5a7b9b2c807f85575c9ebc1f508e849b53430870b2d0fb6c02b2de3df661cb63","sha512":"83a593d4b8648b78031259becd96b4c33226e9462c2e26013ee0746ff58a7b710159d0d380d001d7740e9485ee346491c16e3fdb0d334f5b6cfabe6f90cda9b6","ssdeep":"192:m+5ekRvDLCpBK+BpP78nPk6O9ShgzsqcSYV0GtI+uwicvsbIUiJE2KmnyKU:mLiPCvRvT8nPk6cSCzsqGVJeZcsb8S9","tlshash":"0582c4ccb48270715b77a9e9507f454ab23aae96888c8040f13ed8e42c7c56ec267f7d","first_seen":"2025-08-02T03:49:54.562881Z","last_seen":"2026-04-04T21:56:29.492987Z","times_seen":3595,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":45,"dns":0,"connect":14,"send":0,"wait":29,"receive":2,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"incompetencesorting.com/6ae13b8edcf64696bf65510df705d5c5/invoke.js","fqdn":"incompetencesorting.com","domain":"incompetencesorting.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"incompetencesorting.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Jul 2025 21:45:36 GMT","end":"Wed, 22 Oct 2025 21:45:35 GMT"},"fingerprint":{"sha1":"08:42:80:4E:CE:E8:BF:66:25:50:CE:0A:BE:73:AD:AD:72:9D:2B:8C","sha256":"67:19:BF:6F:5C:9C:C9:F8:F5:71:F1:3E:F2:9E:D5:ED:D5:B2:6C:DE:A3:AA:9B:FD:EF:14:7A:B8:79:A8:74:4A"}}},"request":{"raw":"GET /6ae13b8edcf64696bf65510df705d5c5/invoke.js HTTP/1.1\r\nHost: incompetencesorting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 07 Sep 2025 06:49:51 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 15971\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: incompetencesorting.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e9ba5f90a05aa25e941194fdac8a94e0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37629), with no line terminators","md5":"d6150bac1e2bfac1e13712461333324b","sha1":"e2d034e77dc040889d3a9e4c8a5deafc76a04704","sha256":"3bb83a7d65006d4f65f8c4741f5d3f84337504e9589f52fc724d557fb76fc703","sha512":"15fd1a016723c32fda3fd951ca520849f7a6a87eae9a3bc003a70c5250660ccac970d64eb74df0778378e7af36b3e30938cbdcc4ea57de4266be1b6b46f563a8","ssdeep":"768:xBn6ccuBFYdYjHMjYZ6lRtsW8Yg1L/lUUYEFYLetqz:z6c7BF0Y6H98Y0L/qJEFYLetqz","tlshash":"e0f207883fc0b3d456ab2867337fd01ba1955d04a54cd098e927f4e82de876af727b60","first_seen":"2025-09-07T06:50:18.426636Z","last_seen":"2025-09-07T06:50:18.426636Z","times_seen":1,"resource_available":true,"data":null}},"time_used":840,"timings":{"blocked":321,"dns":41,"connect":92,"send":0,"wait":103,"receive":92,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"incompetencesorting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.946294159121.js?dev=e\u0026key=6ae13b8edcf64696bf65510df705d5c5\u0026kw=%5B%5D\u0026pst=1757227852\u0026rb=\u0026refer=https%3A%2F%2Fdaddylivestream.fun%2Fs-024%2FD982.php\u0026res=14.3095\u0026rmtc=t\u0026shu=f9b320f81c1c093cd841d210290fc7cd96d88f1e6eef5923c3d70a3f354d417d34c94ca7d1ebab4085419fdfd0a4eafc3664572cf15daceca1e5fcfa3f7969c82642901e371ad2e60b826d59ba03a073da0a74bdaa13f4889689\u0026tz=0\u0026uuid=97e287fa-730e-4d55-aa82-93ecd9d2e783%3A3%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:52.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:05:39 GMT","end":"Sat, 29 Nov 2025 00:05:38 GMT"},"fingerprint":{"sha1":"E2:5D:94:19:A8:E3:DF:BB:0C:81:C9:E0:EE:8B:9E:E1:F1:AD:67:58","sha256":"38:80:3F:7A:65:C5:71:DD:A6:A0:20:12:A2:CF:9E:19:28:AA:28:ED:C3:D3:FE:04:AE:C0:61:69:26:6D:27:C1"}}},"request":{"raw":"GET /watch.946294159121.js?dev=e\u0026key=6ae13b8edcf64696bf65510df705d5c5\u0026kw=%5B%5D\u0026pst=1757227852\u0026rb=\u0026refer=https%3A%2F%2Fdaddylivestream.fun%2Fs-024%2FD982.php\u0026res=14.3095\u0026rmtc=t\u0026shu=f9b320f81c1c093cd841d210290fc7cd96d88f1e6eef5923c3d70a3f354d417d34c94ca7d1ebab4085419fdfd0a4eafc3664572cf15daceca1e5fcfa3f7969c82642901e371ad2e60b826d59ba03a073da0a74bdaa13f4889689\u0026tz=0\u0026uuid=97e287fa-730e-4d55-aa82-93ecd9d2e783%3A3%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylivestream.fun\r\nReferer: https://daddylivestream.fun/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzMyOTkwNiwiayI6IjZhZTEzYjhlZGNmNjQ2OTZiZjY1NTEwZGY3MDVkNWM1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MjIxMjY0LCJwaWQiOjM5MjgzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyMywicHQiOjQsInBrIjoicjB6cHZzZHBqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2RhZGR5bGl2ZXN0cmVhbS5mdW4vcy0wMjQvRDk4Mi5waHAiLCJhciI6W119fQ.SYNs240O_skLU7EKOykUaTYPOFPjtqJJ_Qr5nIlWJwo\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 07 Sep 2025 06:49:52 GMT\r\nContent-Type: text/html\r\nContent-Length: 3366\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://daddylivestream.fun\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=97e287fa-730e-4d55-aa82-93ecd9d2e783:3:1; expires=Sun, 14 Sep 2025 06:49:52 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Mon, 08 Sep 2025 06:49:52 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 08 Sep 2025 06:49:52 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Mon, 08 Sep 2025 06:49:52 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Mon, 08 Sep 2025 06:49:52 GMT; path=/; secure; SameSite=None\nu_pl27329906=1; expires=Mon, 08 Sep 2025 06:49:52 GMT; path=/; secure; SameSite=None\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 79a035c9b23ece4bc8d94db9c06ea9a8\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4882,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (4006)","md5":"ad6a6411f2c278d7ea2f903d14560c40","sha1":"cda7fdb461898d199ff126dc8cbeb7c1b9390d99","sha256":"dc928ec07ac1cf8b7087bddae9a316ff61063148af23b633ee14279c599197d1","sha512":"b6e805c3d5756e161d091b87bfac0c2713b62c5605b0d151d760bc3963179312df4afbfcd62a19b62164b57d021505e0d7a9e6d40597218333f64bfd69b725d9","ssdeep":"96:UoznTlkl5NwPlhNNq42uK9mQ7h/BkKVdNk1/DACfMEDaH:tzTrPlhNNqUKEQ1/5PNcbACkCaH","tlshash":"b9a12d656fe77738157ab07d226f72583810e10b2705dc4ab91de5506f14ee10daedcc","first_seen":"2025-09-07T06:50:18.427734Z","last_seen":"2025-09-07T06:50:18.427734Z","times_seen":1,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"al5sm.com/tag.min.js","fqdn":"al5sm.com","domain":"al5sm.com","tld":"com"},"ip":{"addr":"172.67.218.237","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:53.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"al5sm.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 12 Jul 2025 14:11:18 GMT","end":"Fri, 10 Oct 2025 15:09:42 GMT"},"fingerprint":{"sha1":"D8:6F:57:F9:E3:25:8E:F9:48:17:D4:67:0B:11:37:EB:47:21:A0:FC","sha256":"7B:11:60:4B:EE:E9:4B:BB:A4:B2:81:FF:6E:71:C3:35:5C:77:F6:17:DB:9F:A3:3A:A1:84:10:05:40:08:EF:68"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: al5sm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nx-trace-id: 6e3383ac47a264485cb23206ad3367d2\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1789\r\ncf-cache-status: HIT\r\nlast-modified: Sun, 07 Sep 2025 06:20:04 GMT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L58GfDBXrfVPTwefRUJJbsGFCFblXxsJEN%2FFpl9VJACAZkzsYHMXNLbbGbuM4MNe3uvv9JI4hjSAI5j5zYyDfCgSpLeUo%2F0%3D\"}]}\r\ncf-ray: 97b444ca7af9b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109670,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c5c814d199e63bb78cd152255d04c2fa","sha1":"c9ae4be788a8f36815c9043a1ef187d9e463fd21","sha256":"834a5917c5adafa0e4b7fd3ae6631f8f08d09eb046881b5fa2e1d4f57fa37a77","sha512":"c2219dd451267968d03c74a10460b4032a3d1a5a8a7e819a9cc1c6d8a019b0ba54bb2ad531fd8807bd3bc754aea033b95527663f71a03c9ed4f49067cb09dfa1","ssdeep":"1536:F6KpKfzIHKJYl2MGRCYgNZ2ClqIZPgAz0Sjf654+DIVV2P6O2e:IK5KJe2GF2ncr0Sz6+3o6O2e","tlshash":"f2b32aca226a241612bf80344457ed1db5aecd81048dcdb8e0e5b8762d78b16d3fbfd9","first_seen":"2025-09-04T22:22:15.10742Z","last_seen":"2025-09-07T20:22:42.614483Z","times_seen":16,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:53.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 28 Aug 2025 13:14:02 GMT","end":"Wed, 26 Nov 2025 14:13:48 GMT"},"fingerprint":{"sha1":"7A:B2:21:7F:72:E3:39:3E:95:5D:FB:ED:BB:1C:7E:88:C4:7A:B1:B3","sha256":"FB:1D:6D:AF:DA:57:8D:9A:8B:B2:CC:FF:A2:55:C8:F3:71:3D:49:77:06:FC:4D:6F:16:91:61:6F:89:1C:A3:CB"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://worldsportz4u.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nCookie: ID=08023d4e2ded49c1e316316004f6f031\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://worldsportz4u.shop\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=08023d4e2ded49c1e316316004f6f031; expires=Mon, 07 Sep 2026 06:49:53 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 97b444cb2865120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"216cdada1ab00ca3359a53cdcebcda1f","sha1":"c5767b85b32f748d7aafb1f28ac147e6f0a4120b","sha256":"7687795b979ecbe04647e369ff5bb39a3cbd64c7f140a9a246447a21caecb9db","sha512":"e5a13bb3406b217f2d38f44b00deb63d8df96ad878df8d1b4a043b9017ee56d0dfd43c84029d681f593717782c6f16eb2b73aecf4e719aaa6f5d76118725df5c","ssdeep":"","tlshash":"09a00290597d26c5c44066a55a8b8691404d51d1dc44729881f88402318b9cc49cba4c","first_seen":"2025-09-07T06:50:18.410775Z","last_seen":"2025-09-07T06:50:18.410775Z","times_seen":1,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","date":"2025-09-07T06:49:53.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\nage: 1620835\r\nx-served-by: cache-lga21931-LGA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 71, 213389\r\nx-timer: S1757227794.580652,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-04T21:47:21.797037Z","times_seen":445013,"resource_available":true,"data":null}},"time_used":539,"timings":{"blocked":251,"dns":23,"connect":18,"send":0,"wait":28,"receive":3,"ssl":213},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylivestream.fun/s-024/D982.php","fqdn":"daddylivestream.fun","domain":"daddylivestream.fun","tld":"fun"},"ip":{"addr":"104.21.94.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"daddylivestream.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 15 Aug 2025 16:42:47 GMT","end":"Thu, 13 Nov 2025 17:41:36 GMT"},"fingerprint":{"sha1":"97:3E:84:F4:5D:6F:B6:4A:37:E9:F8:87:69:59:1E:28:7D:25:BF:E6","sha256":"28:7F:B4:0B:F2:0B:41:8E:71:78:C1:13:4B:C8:2D:91:8E:4D:2B:8A:F2:F4:2D:07:A6:74:0C:97:4A:3E:EF:78"}}},"request":{"raw":"HEAD /s-024/D982.php HTTP/1.1\r\nHost: daddylivestream.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/s-024/D982.php\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:51 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nqMm%2BSfe016g08jhzzNRChh3H2L12B166s%2BJj1pyyiEt11F86TN2NoLJNemtVZlDulE0RwvVJWX704N8N8zm4hX60A9SKT3GHfSilNOvUjI3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 97b444c29f52b4f9-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upload.wikimedia.org/wikipedia/commons/2/21/Speaker_Icon.svg","fqdn":"upload.wikimedia.org","domain":"wikimedia.org","tld":"org"},"ip":{"addr":"185.15.59.240","port":443,"asn":14907,"as":"WIKIMEDIA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","date":"2025-09-07T06:49:53.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.wikimedia.org","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 Aug 2025 07:58:25 GMT","end":"Fri, 14 Nov 2025 07:58:24 GMT"},"fingerprint":{"sha1":"00:6B:23:79:C6:3F:3F:33:1C:96:A8:58:E3:42:75:58:02:2B:84:D3","sha256":"AC:53:65:9E:C2:DF:AA:6F:9B:55:55:44:CF:4E:94:5A:41:C1:12:6D:4F:EA:F3:3D:EB:5E:40:17:00:3A:2E:26"}}},"request":{"raw":"GET /wikipedia/commons/2/21/Speaker_Icon.svg HTTP/1.1\r\nHost: upload.wikimedia.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 06 Sep 2025 17:15:59 GMT\r\nserver: ATS/9.2.11\r\netag: W/1e965f9ca6bac55c4bfece8dabe6fa47\r\ncontent-type: image/svg+xml\r\nx-object-meta-sha1base36: rcosig5pk1fefnugtbiewl19zhtt86j\r\nlast-modified: Wed, 28 Aug 2019 18:11:18 GMT\r\ncontent-encoding: gzip\r\nage: 48833\r\naccept-ranges: bytes\r\nx-cache: cp3076 hit, cp3076 hit/21253\r\nx-cache-status: hit-front\r\nserver-timing: cache;desc=\"hit-front\", host;desc=\"cp3076\"\r\nstrict-transport-security: max-age=106384710; includeSubDomains; preload\r\nreport-to: { \"group\": \"wm_nel\", \"max_age\": 604800, \"endpoints\": [{ \"url\": \"https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error\u0026schema_uri=/w3c/reportingapi/network_error/1.0.0\" }] }\r\nnel: { \"report_to\": \"wm_nel\", \"max_age\": 604800, \"failure_fraction\": 0.05, \"success_fraction\": 0.0}\r\nx-client-ip: 91.90.42.154\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache\r\ntiming-allow-origin: *\r\nset-cookie: WMF-Uniq=sPf3elPhb2zietFPPYV0eQJnAAAAAFvd7_xzuGO9XdfMkN1Q00iXQE-hAeWSv2KS;Domain=upload.wikimedia.org;Path=/;HttpOnly;secure;SameSite=None;Expires=Mon, 07 Sep 2026 00:00:00 GMT\r\ncontent-length: 328\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache Traffic Server:9.2.11","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":514,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1e965f9ca6bac55c4bfece8dabe6fa47","sha1":"ea28e0f6d1a42bd7f2ab416bcf2a9fd0dde55fab","sha256":"70e589ae4b79586ddd4eadd1ac8b501d64ab0433c2038c92e945fbb6195ad7a9","sha512":"ac5cba3ff4bd990c24695203c88c8b444051059398c8d7b53c8dd87bbe4d2693000a2b2e502bcfc0dee7b745b01a580c9dba3cf362337003626f9e18394fed75","ssdeep":"","tlshash":"53f0591d83865c3ea0628b148750f90963bb5552a672f394cebd1b7325171d450bbaec","first_seen":"2024-06-21T01:55:05Z","last_seen":"2026-04-04T19:33:28.162094Z","times_seen":1018,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":128,"dns":57,"connect":19,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.159.241.11","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylivestream.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:51 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://daddylivestream.fun\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=a93d17a4-c1ea-4f21-99f7-837378cf6ca8:1:1; expires=Wed, 05 Sep 2035 06:49:51 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"833fc9f3ea40930820978e96a0549da1","sha1":"167b6095e9496ffd41c2d2166eac1a195dbc8911","sha256":"ed6972099d37e6dd64e7ef11940fee4fb6e3b0e6b667f2b7507c22c16845c6d8","sha512":"a26f79e73f4c39e224912d767415d274e83004058a29ae04b205dff1bc617623cbdd80fe6f902533fe107972763d07eb79fbd5254ce87b916a8b2038cdfb243f","ssdeep":"","tlshash":"47900400714f50f004443dc011503fd413df343c443d0401dc34d000d04531c4373d00","first_seen":"2025-09-07T06:50:18.429677Z","last_seen":"2025-09-07T06:50:18.429677Z","times_seen":1,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylivestream.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 07 Sep 2025 06:49:51 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 725a72217e94d7a24814d5fcdde6e669\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T21:47:03.661814Z","times_seen":13347989,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":25,"dns":1,"connect":17,"send":0,"wait":18,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-07","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waust.at/c.js","fqdn":"waust.at","domain":"waust.at","tld":"at"},"ip":{"addr":"104.26.5.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","date":"2025-09-07T06:49:53.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waust.at","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 19 Aug 2025 16:08:05 GMT","end":"Mon, 17 Nov 2025 17:07:33 GMT"},"fingerprint":{"sha1":"36:D8:6B:24:C6:E6:C8:AF:63:96:50:56:1D:40:88:5A:A9:5C:22:D2","sha256":"8E:A4:C7:DE:BE:00:BB:C8:F8:96:8E:5D:C3:FB:2A:0F:1C:7B:8B:FE:DA:35:BE:35:F2:6A:6E:DB:B2:D6:B7:34"}}},"request":{"raw":"GET /c.js HTTP/1.1\r\nHost: waust.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Thu, 12 Jun 2025 10:32:02 GMT\r\netag: W/\"684aaca2-2f55\"\r\nexpires: Mon, 08 Sep 2025 05:50:34 GMT\r\ncache-control: max-age=86400\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 3559\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y2JS33Jcm2YHC%2FT0%2FMb58WQjjuezxgt%2FW06d%2B3k%2B0%2Fd45fDHrz8p%2F0fs0Mq6kSC9cTl%2F5bwFzQ09KzeZrdzu7b9OfhwN4fw%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 97b444cc9bfbb1b8-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12117,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (12117), with no line terminators","md5":"7f167017c3edca98e152e2ad7e547032","sha1":"cbcbd0f11bd2f552cdd87cf1947fadc2b7371681","sha256":"52784de24aa1b312200cd6262ccecb5983c443290f1fe8d01790199be351b02d","sha512":"68c879651da562bb04d028bf0e4c5fcbfcbba27c7180fb3a0545dc6e6697b55aa1f422ab5fbfa557f6f1ab7107f0bcf3d12d1e4df2f15d209975b4da221cb33d","ssdeep":"192:lEpB4BQM5iClA7y1w65jqc4izncX9HVvW2kdjxWybsm8/29NBm2/MIGQKG+I8:lEpB4BQB9W1wC4bN1wdjxWybsm8/242o","tlshash":"8c424c55211b28b6a7ff50ea252f73057030543aaf4a905190a6c0bc36bde4f90ffeb6","first_seen":"2025-04-13T04:38:43.35501Z","last_seen":"2026-02-15T18:16:47.15295Z","times_seen":769,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":50,"dns":23,"connect":1,"send":0,"wait":27,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jxoxkplay.xyz/blast.js","fqdn":"jxoxkplay.xyz","domain":"jxoxkplay.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982","date":"2025-09-07T06:49:53.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jxoxkplay.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 18:24:49 GMT","end":"Sun, 09 Nov 2025 19:21:25 GMT"},"fingerprint":{"sha1":"F9:C9:6D:AE:27:E4:51:15:EB:CE:17:8D:87:A8:7A:36:1C:46:F3:42","sha256":"90:CC:17:79:CA:44:5D:24:3F:E9:35:D2:27:2D:DE:C4:40:75:68:37:45:8C:A8:06:D7:48:D4:2D:1E:ED:0E:2E"}}},"request":{"raw":"GET /blast.js HTTP/1.1\r\nHost: jxoxkplay.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jxoxkplay.xyz/premiumtv/socceryouknow.php?id=982\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Sep 2025 06:49:53 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Thu, 17 Oct 2024 06:47:40 GMT\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2WoxyFCpn4kcnUV3kfUVnoWtYVT2IY%2BkshpTeA5KOaqefx%2B%2FEzdMYO3a5jgTP6aFPfnK7ZtYo%2BaiQiTw6vhgXPRpR%2Fk56%2BiyaHfn\"}]}\r\naccess-control-allow-origin: *\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"6710b30c-13040\"\r\ncf-ray: 97b444cec9ed5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77888,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"091faec928970e76d37a3601c19fcf8a","sha1":"6441e8eebe90eb8d4a40e7c25440ff99caba3520","sha256":"eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12","sha512":"0065b4e5167b85abb85d4af6be22853d1ea16e9c0d5420173f356dd7a980374487405d8561a4a5df32dd68d2956af6c7a3f099776994e2cf6a3b0eb8df1c3277","ssdeep":"1536:HnyiwA6dLK4I7T8IVCJ0Xiyu/lpvd7TN8+Prp2s:HnyiwFLzI7AeSymrpTNZrpN","tlshash":"16732ec177d5bc8212872b77731bb1e6e82a9dd87188488ef104bc90f4bda12fae4575","first_seen":"2023-03-08T14:53:38Z","last_seen":"2026-04-04T19:33:28.169025Z","times_seen":1566,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/suurl5.php?r=10274894\u0026cbur=0.5189006376620802\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=\u0026cbpage=https%3A%2F%2Fdaddylivestream.fun%2Fs-024%2FD982.php\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=acscdn.com\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1757227791849\u0026srs=dab7bb8e467a1e4db5099213419eac49\u0026atv=68.2","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"104.21.78.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://daddylivestream.fun/s-024/D982.php","date":"2025-09-07T06:49:51.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 17:58:51 GMT","end":"Sat, 08 Nov 2025 17:08:08 GMT"},"fingerprint":{"sha1":"EA:C4:03:00:5B:31:55:C6:59:67:78:25:B3:B7:46:0C:EC:DE:30:70","sha256":"D9:CD:23:32:1E:FF:B8:A4:2F:94:7E:6F:7B:49:CF:2A:8E:F8:87:04:44:A7:C7:E1:3C:53:1B:9F:D1:3A:94:D5"}}},"request":{"raw":"GET /script/suurl5.php?r=10274894\u0026cbur=0.5189006376620802\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=\u0026cbpage=https%3A%2F%2Fdaddylivestream.fun%2Fs-024%2FD982.php\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=acscdn.com\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1757227791849\u0026srs=dab7bb8e467a1e4db5099213419eac49\u0026atv=68.2 HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://daddylivestream.fun/\r\nOrigin: https://daddylivestream.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:52 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z8EO4yPAzestbByoaMrVqvE%2Fexf66iII9pefuMS0rQ9UD%2BbWvtMbiiPVSITdesblO1ttB9tiDhlbnTLJ9WDTTLo2qpmRrQf22mNYKU66b9qU\"}]}\r\ncf-ray: 97b444c3df9d56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":942,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9c383ad02662ad9a95332baf7ef13c76","sha1":"55a637c8b4c5bf1340e4332c3a2e376d449569a2","sha256":"6990eeff6379b91cbe7038d7de538ecc4be3f3f26ac89c9cc7b95e3241118070","sha512":"7f9eb0c659b2517d49b0091cd687101193adc349957aa495144b9858e026a996283da3ffea55f8a5fdb793cc2da77629a3b10a1d6d82903cf2b536a663ed91c8","ssdeep":"","tlshash":"d11188125cb4755090c9d8dd547d6c18c6e620a7dd95784df0a17d78ed189d1d0a7132","first_seen":"2025-09-07T06:50:18.431572Z","last_seen":"2025-09-07T06:50:18.431572Z","times_seen":1,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":40,"dns":21,"connect":1,"send":0,"wait":182,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"18.159.241.11","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://worldsportz4u.shop/online/stream-982.php","date":"2025-09-07T06:49:52.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://worldsportz4u.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://worldsportz4u.shop/\r\nCookie: uid_id2=a93d17a4-c1ea-4f21-99f7-837378cf6ca8:1:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Sep 2025 06:49:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://worldsportz4u.shop\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"833fc9f3ea40930820978e96a0549da1","sha1":"167b6095e9496ffd41c2d2166eac1a195dbc8911","sha256":"ed6972099d37e6dd64e7ef11940fee4fb6e3b0e6b667f2b7507c22c16845c6d8","sha512":"a26f79e73f4c39e224912d767415d274e83004058a29ae04b205dff1bc617623cbdd80fe6f902533fe107972763d07eb79fbd5254ce87b916a8b2038cdfb243f","ssdeep":"","tlshash":"47900400714f50f004443dc011503fd413df343c443d0401dc34d000d04531c4373d00","first_seen":"2025-09-07T06:50:18.429677Z","last_seen":"2025-09-07T06:50:18.429677Z","times_seen":1,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}