{"report_id":"836153f4-8e84-4b84-8c93-97fab14cc2b2","version":6,"status":"done","tags":[],"date":"2026-05-30T12:26:52Z","url":{"schema":"http","addr":"sportsf2.com","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":0,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"sportsf2.com/","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"title":"体育下注|nba投注平台|竞彩足球投注 SPORTS GAMES","dom":{"size":8210,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"44f361edc05c47d78db6def6b712f006","sha1":"66f7b53566a135444e11f63dc606199de774b619","sha256":"c004173774bf8dd8f20958e9c9e5d27017b397086682538b6ea53ed791147c93","sha512":"1151801e0d13b81fbe5885d13cf4a8be24c8e5edaa085a33d9a76749cb6e90b5cd7f48470150b24eebf3cf3a95048851bc4f9216b91968546a56a5f3fa8bab0c","ssdeep":"192:SrnMZjBPCpnDZ0CPBfE/k1mp6rPlyJzmRF4sAAtg:1jmX7AAtg","tlshash":"4b02871661e3115b2922d1a66fb3171b6664d407c30bc9997fcc15cdef89ac9c8a738c","dom_hash":"domhash27012197961c49af023d3292681d65a6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"sportsf2.com","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":0,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-04T12:26:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"sportsf2.com","ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-02-21","domain_rank":0,"first_seen":"2026-05-30T12:25:08.369718Z","last_seen":"2026-05-30T12:25:08.369718Z","alert_count":60,"request_count":20,"received_data":1613031,"sent_data":9003,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"203.91.74.202","ip":{"addr":"203.91.74.202","port":41669,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":9,"received_data":322417,"sent_data":4165,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-05-25T08:02:12.766553Z","alert_count":0,"request_count":2,"received_data":30879,"sent_data":1220,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.174.227.28","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-05-25T08:02:13.36199Z","alert_count":0,"request_count":1,"received_data":363,"sent_data":465,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"sportsf2.com/","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-24T05:28:14.066228Z","times_seen":121616,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/bootstrap/js/home.js","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"16c93ef01acd14ec64c07020d638253e","sha1":"9c7b9d1a61977675c7f128bf2e27093d3cfe37f6","sha256":"f0795e9620ff382d585e15e40f303b394863fc5fa3dbdecd140adcbc4e51ffd2","sha512":"218d41ff60e128ff13105f9d376cfac1b80401527884da7b6179bab1fe8e9aa9e5959873bc5385798c8a5c6fb7aedce8e68b17112833cc16c096e0dc214d35ea","ssdeep":"96:6P7fgtAVMsSMCM1vUrp8KtQJQ1l/2o3RV0uRC6v6qyS+KQkIF:6P7fg+VSVAvUr2KaG1Zd3YuRriqyDKQH","tlshash":"91c1551a62b42433447775bb97af57c477212087b8c6ec393dfcc6080f845aa59f1aea","size":5802,"data":"","first_seen":"2025-10-09T23:37:04.756251Z","last_seen":"2026-06-24T13:55:43.597739Z","times_seen":938,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/bootstrap/js/bootstrap.bundle.min.js","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"21d4551af5cc4ed4d818bdbdfea8c358","sha1":"df272a07ed30eaf8025b699c45736ba9d284e4d4","sha256":"35f4547d9364111aca4850347356bc5660a994f0d8b694d88f995098a7b547fa","sha512":"4dcd22faf4688265f834deedb8b6d07c1c5af0991f512031485573994df59d5747ca21c494f3f2d9c59f15a7260892b0d15aa8bebcca85d7764d24cc740c69da","ssdeep":"1536:/SwJiEbnTl6R2t49CFliFCIg/yWszSraJd5qUFH9tZwcE+iYZMgZdj:6wfs+SSO5q4tZwcEVYZFj","tlshash":"2383b5593244b8730ade85b68037430bf2265998b14b812cb57cadde2a7dcc67277f78","size":80821,"data":"","first_seen":"2025-06-18T01:20:12.005242Z","last_seen":"2026-06-24T13:55:43.590506Z","times_seen":2294,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c83ebee2aa19e3fdbfe07dcfcc239405","sha1":"e0db08a93c863968c4b1e146aa04544b246a2153","sha256":"3a6e51bd3dae91dca04533ce5aac3a50495bfed1e7cf2355d46949e0e030ca0c","sha512":"489c1b6cb2283af2e422f4505beaf9a867fce6bfba145878f76ebca3e30799ce38dd2d9de53992c066f204e229fb286aa09527b2c52452418f5ae12a89d200ba","ssdeep":"","tlshash":"48f0dcae9c51e178abc338ac9bafd688c16e1026110ecc03a9d9c5ce3c38fc8042134c","size":491,"data":"","first_seen":"2025-01-04T07:18:42.072419Z","last_seen":"2026-06-07T02:40:39.482097Z","times_seen":380,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-06-24T13:59:40.851696Z","times_seen":98356,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"203.91.74.202:41669/static/js/link.js","fqdn":"203.91.74.202","domain":"203.91.74.202","tld":""},"ip":{"addr":"203.91.74.202","port":41669,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"07656313ac417c5884c6617ff8958ad6","sha1":"7753bf455cf36cb1d857ec4240f2d7c9d5dcc7fc","sha256":"2f9484b65a25cba389a89535fdd5bfa948309189bd937c6035666602c91fb638","sha512":"e580c87e5824a30fef67e3ba305f5c49d10d65d065cfef83b1a0a073fbd68f4d413adbc99e153e69606279ff3227fc704b4471c288c6d6d35194489a53e6f2b4","ssdeep":"","tlshash":"9d31cc58e6d03c260d2748a7685b2d04f593410bbc5aec42f69d4ac0dfb2b2e4f7ace4","size":1742,"data":"","first_seen":"2026-05-30T05:44:44.084902Z","last_seen":"2026-05-31T23:53:12.261494Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?c07eb39b85a98c006261a3a263eb36c6","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"7e942dac9986ba6ebeb9e88afd6e3b36","sha1":"3c583c7ea9bcca420da2f47328c52ebdd3321a10","sha256":"7fc04e5741143107a10faa18dd169eb30d72c0a94b9abb63de43755bff230f63","sha512":"adad5c707a77afb3283e4963af72904e12b0e0589285b2457511f386944327335b0660e7fcd12b23b20cb19ad07cc6e0b34823dd303549ba93c6509d2ff22909","ssdeep":"384:N9JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:N94VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"90d2d9a9b282713293a324a5153f324ef07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29897,"data":"","first_seen":"2026-05-30T12:26:57.382016Z","last_seen":"2026-05-30T12:26:57.382016Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"84d57a88bfc6bd7cee3d94633f73e134","sha1":"167bff2ea22308bdecdefcd42eb02bf64df1ea40","sha256":"33d4dd60367671feec9de529f98b1049f033ecdcfe85d8c2b9c270760793e8a2","sha512":"261110089593a4306500d3cd8b2cf61934d479e1fdf4296de2baa57d54b07356a9819e8169e8ce8f50c9dd64c9d3a2111d4c9912b5177987ea1e0a80af18d7aa","ssdeep":"","tlshash":"68e061edd3c4758c6ad25ca97c17740875d80d1c3cee49e4cc1014a524e5997c5c1ddf","size":417,"data":"","first_seen":"2026-05-30T12:26:57.39451Z","last_seen":"2026-05-30T12:26:57.39451Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/e/dongpo/tz/tz.js","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b6be6097bca254529370543a0d8c994","sha1":"6ed4294a5aeda373a9130a007982295aafc03670","sha256":"4fab45ac7742ee3c04eba44a58376f505a7532fd37f259912f2a39abd5d4bb69","sha512":"5c8c4aef4c2ff9e398aa33526b17b44b6a55d6a3362d5bde1debdccfbf57ce75fd0c85cbb0d9eab3e5c2b91a8d537aaf5445e09d6c54c390ac41de60e602e306","ssdeep":"","tlshash":"2d21af7fae630254901691592bba776c3e3a001b6301c8307afcfe685f53f429483bd4","size":1158,"data":"","first_seen":"2026-05-19T23:42:22.369025Z","last_seen":"2026-05-31T06:37:50.642658Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/swiper/js/swiper-bundle.min.js","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","size":140562,"data":"","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-06-24T14:41:59.400039Z","times_seen":4818,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/e/dongpo/tz/tj.js","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bf60b5cf9c764caf9e85228dc7bfc33","sha1":"22b0d1971d7ec1ec3bb55ff4771752db18eab9ef","sha256":"1a32c475f692c3c84f550cc194a92fff3df6368293bbec3b8e67a42bc2d92306","sha512":"681c26eab518649736ea2c6302120b5a61e0b0749375c8933c7c890b6195de0c6e09a4184c9af8c5fd0f5e5eeda63ba803574bee4c44737899ccd18ce14c97c9","ssdeep":"","tlshash":"8601f11f7c25e13463921c2d23bbdadcf5ad2016101dc80654dec4ad6c34ff9042ab4c","size":808,"data":"","first_seen":"2026-03-03T01:17:34.078046Z","last_seen":"2026-06-24T13:55:43.562188Z","times_seen":554,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-24T05:28:14.066228Z","times_seen":121616,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"5ea4ed957a0b261151dac522867c1abd","sha1":"2ad940f70f57d4e7d4c624da27691f27fd970ad2","sha256":"229702bd443552b438f8113c95879a863fa4b777ff5be6fb0e61b765cb7d2de3","sha512":"5dc10c656eac40df0c6bdbf66f1f1631178dcc4f5d084f015efe85a07467ef2b68fc0fcd66bc5f4a39af17ea42b03d243e0eaeef5d7f9a0b13efc07dae010b98","ssdeep":"","tlshash":"a3f097ae9c51e568aad328a89bafd68cc16e1026110ec803a9d9c5ce3c38fd8082574c","size":508,"data":"","first_seen":"2024-10-26T06:33:34.507797Z","last_seen":"2026-06-07T02:40:39.482766Z","times_seen":515,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"sportsf2.com/skin/bootstrap/css/bootstrap.min.css","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/bootstrap/css/bootstrap.min.css HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Jul 2025 14:17:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6863ede4-38a52\"\r\nexpires: Sun, 31 May 2026 00:26:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":232018,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"50c95aae1a6c1e089c11681d1e1906f8","sha1":"a65e4fd8db9bd0440de2d6d73c9e7cd00fce4a8d","sha256":"cd1826581e4f2b80af4f1e05897b316c7698441063cffaefbbdeec382ee4cd72","sha512":"7f0edff9370c8d36fb6e96cb25994ff20d98e17702c85656f2ecbc1ec459b07fd2c1b330d2994a1c51ebf7d0cdde5d3856c60dc2fce27145ffeaababbc8c5bc7","ssdeep":"1536:v9xnXGi9GfJkfvq5wlP7cQZDR9uvV982sYRElV6V6pz600I41r:HnXp9GfrV98II6V6pz600I41r","tlshash":"d03482d6f590317d9ca7c1499681fefd896fa985cb120aa6f003776807cabd30962dcc","first_seen":"2025-06-19T07:12:41.126365Z","last_seen":"2026-06-24T13:55:43.593367Z","times_seen":2271,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/bootstrap/css/module.css","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/bootstrap/css/module.css HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 24 Jul 2025 12:07:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"688221f2-28112\"\r\nexpires: Sun, 31 May 2026 00:26:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":164114,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65518)","md5":"67e45932bedd92dd7bc2a7de1653677e","sha1":"b15f3b2e370d9a7c2c40ea991c8f4a839617702d","sha256":"6e25cdc64273a412026df8a7b3510d9ba7dd6cd75653dd3eb884371b4ace73e8","sha512":"d6130c594f82eefca5109421095dc8c0603b44c4c714bdb8956e64278c9c1625263a531a1ad401fa344f180c2f1cbe95af8246c9e33dc6a28316ab243f448591","ssdeep":"1536:qiVj2AhHm0CfrtrPr7AhhTQbdS6U8H2GXVxICl1gGqotJFFp4L/Xzbv9ALVTFCew:sAhhTQg6U8p45s5Q","tlshash":"c6f397309984202cf11bc5eae5d0abef32649801f663077ef66370a6d6c21ef577674a","first_seen":"2025-10-09T23:37:04.753197Z","last_seen":"2026-06-24T13:55:43.602973Z","times_seen":910,"resource_available":false,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/fontawesome/css/all.min.css","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/fontawesome/css/all.min.css HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Jul 2025 14:17:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6863ede4-1907e\"\r\nexpires: Sun, 31 May 2026 00:26:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102526,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (52276)","md5":"c43cd173eeeba2f72aa6b431d06b8c07","sha1":"427a692f7f39eabb3d5b8510aee2743025daf813","sha256":"c880eb3d25c765d399840aa204fec22b3230310991089f14781f09a35ed80b8a","sha512":"02f6f6422b83104bc1e1b64961d7edda63635528417ed2dd3c6f0527457b8ab4cb43c528d2a70fc61e0f96aec6e6d1a6d2b53ed523e1568b6d78ba41111c1393","ssdeep":"1536:vwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPG9ZpgmLCq:P709gMGFiyPG9ZimLCq","tlshash":"4fa3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2024-01-04T18:36:36Z","last_seen":"2026-06-24T14:00:13.711899Z","times_seen":11929,"resource_available":false,"data":null}},"time_used":532,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":532,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/logo/sportsf2com/logo.webp","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/logo/sportsf2com/logo.webp HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3100\r\nlast-modified: Sat, 28 Feb 2026 20:44:07 GMT\r\netag: \"69a35397-c1c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3100,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 400x140, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c98826b88d58ef84e87f5b547e0b837e","sha1":"f7e4c54b087228877ff0b56bd259651202a55a06","sha256":"7be9b9d3e1f4582643548b7ec01fb3d9e37abb00b6bb8d1cee96bb16d262749c","sha512":"68603fc2ca9daed3c70b180b112a7ea9d148f376c117ac1a672c6a3f58451e436573669e1cc9c2b511604578bf98342481e7161ac836263d26cf7c329112e8f7","ssdeep":"","tlshash":"21512bc156884f7ac69808fbf87e737052ac14f82d54621a6699ae2a40f42e1d8d691a","first_seen":"2026-05-30T12:25:12.36338Z","last_seen":"2026-05-30T18:15:18.771076Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1009,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":747,"receive":262,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/cover/sportsf2com/about-33.webp","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/cover/sportsf2com/about-33.webp HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: image/webp\r\ncontent-length: 84622\r\nlast-modified: Sat, 28 Feb 2026 20:44:07 GMT\r\netag: \"69a35397-14a8e\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84622,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 671x447, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a8f2d267809fabf12ffc671881ed4a16","sha1":"e4324be0d6144b7213579afae3f84190bbd94864","sha256":"ff30d669aa388598c5eb08598d4cca051db1b4236a2922b0feb3fffd39f621f5","sha512":"26d8a66b891bb7cfc3f76c17738cb9a590fcefff14f0c5be7202b0c5a2cf37eda296528a569bbc0e0041e285a68354ac5f86b22eb44475682d661b78f1196a6e","ssdeep":"1536:bzkVttujl+rK7CFikj7Cm7LfMuniaqhIpMTwB7q9/SGIuv7/2KIJ5vC:bUtIgICsm/9nd9pM6m9/BkJ5vC","tlshash":"f2831263902f3ade1172e6e0c210bd3ca07ce7979255d23075a3e219ab0913a87d7cf6","first_seen":"2026-05-30T12:25:12.350329Z","last_seen":"2026-05-30T18:15:18.802298Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":747,"receive":527,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/bootstrap/js/home.js","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/bootstrap/js/home.js HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 14 Jul 2025 03:49:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68747e66-16aa\"\r\nexpires: Sun, 31 May 2026 00:26:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5802,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"16c93ef01acd14ec64c07020d638253e","sha1":"9c7b9d1a61977675c7f128bf2e27093d3cfe37f6","sha256":"f0795e9620ff382d585e15e40f303b394863fc5fa3dbdecd140adcbc4e51ffd2","sha512":"218d41ff60e128ff13105f9d376cfac1b80401527884da7b6179bab1fe8e9aa9e5959873bc5385798c8a5c6fb7aedce8e68b17112833cc16c096e0dc214d35ea","ssdeep":"96:6P7fgtAVMsSMCM1vUrp8KtQJQ1l/2o3RV0uRC6v6qyS+KQkIF:6P7fg+VSVAvUr2KaG1Zd3YuRriqyDKQH","tlshash":"91c1551a62b42433447775bb97af57c477212087b8c6ec393dfcc6080f845aa59f1aea","first_seen":"2025-10-09T23:37:04.756251Z","last_seen":"2026-06-24T13:55:43.597739Z","times_seen":938,"resource_available":true,"data":null}},"time_used":742,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":742,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/cover/sportsf2com/why1-33.webp","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/cover/sportsf2com/why1-33.webp HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: image/webp\r\ncontent-length: 131220\r\nlast-modified: Sat, 28 Feb 2026 20:44:08 GMT\r\netag: \"69a35398-20094\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":131220,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 837x558, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"bbd621feeabbaf4c1a41e1126891defc","sha1":"a77cf57f9ba1d854c3a357b90854253c6f6e2b91","sha256":"11c8bc8c4d1b99a7cf76b9cf1e8e24ee6eac3d43af769da9590823233bddfb6b","sha512":"415add8347fadf3ba766b2499bcab4eb327e602983cfc4e2f6fd002f6f01b88ed4d60d0a8ae52d726f48f52ba9a543e005bc011d5b824ba126f0314d7492cf7c","ssdeep":"3072:0YKV9lYJ3ufesJnFcLOVaxwCAGlyacr5C2:w9lYJeVFbVKwEy7r5N","tlshash":"17d312ef757db401daaf552e8f1ac5616a237dcd9987c08e7ec880b92709d033c45aca","first_seen":"2026-05-30T12:25:12.356961Z","last_seen":"2026-05-30T18:15:18.778632Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1532,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":746,"receive":786,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/cover/sportsf2com/why3-33.webp","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/cover/sportsf2com/why3-33.webp HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: image/webp\r\ncontent-length: 65278\r\nlast-modified: Sat, 28 Feb 2026 20:44:08 GMT\r\netag: \"69a35398-fefe\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65278,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 830x553, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b16dd7df93d4c75813cf54f44281fea0","sha1":"628bea2cd354e8b8131de6aa25a2814844d93879","sha256":"e147ec7f9cbc86fd0514c3df776db68b036e70fb963e770aef4f1e3a07342c29","sha512":"f9db90c52203e6cbe57aa12e3ec262cece9deab89dee80ae962784783a511a543e5ed78cdfa6a61b359caf89ddc80bda4dbc02f04c604f52cbe9589f44ab2993","ssdeep":"1536:EfAPoSnOM75bvVLTqc65o1lRKjoViwFuMqOY:EfAwSn7755LTqg1bWmDqOY","tlshash":"545302170452094ba89bca4814b0c9fc5d0fe1e6cb518a15a8e95eccfd1f7ed6a23c7c","first_seen":"2026-05-30T12:25:12.365914Z","last_seen":"2026-05-30T18:15:18.794286Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":745,"receive":523,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"203.91.74.202:41669/static/picture/tycpc.png","fqdn":"203.91.74.202","domain":"203.91.74.202","tld":""},"ip":{"addr":"203.91.74.202","port":41669,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://203.91.74.202:41669/","date":"2026-05-30T12:26:34.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 06:59:32 GMT","end":"Sat, 30 May 2026 22:59:31 GMT"},"fingerprint":{"sha1":"FF:96:6B:B7:4B:27:6E:85:15:14:1B:F7:24:B0:4A:16:5C:D6:05:A4","sha256":"CF:90:24:95:F6:55:00:7C:37:61:D0:54:3C:D9:8C:20:C7:2F:7F:EF:5E:D5:1A:2E:9E:4E:37:4F:60:FF:40:1A"}}},"request":{"raw":"GET /static/picture/tycpc.png HTTP/1.1\r\nHost: 203.91.74.202:41669\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://203.91.74.202:41669/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:34 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 09:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d74b1-4d7b\"\r\nexpires: Mon, 29 Jun 2026 12:26:34 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19835,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 162 x 60, 8-bit/color RGBA, non-interlaced","md5":"9cccfc8ca4e4f50e4155a906a42666cb","sha1":"6687ef39ed3ba532124b8155234e819655ac0827","sha256":"38fa753bd6894fd8b0fdd94ba7e7bd9da32cb1e58017c44ce0147afba97b4841","sha512":"4e5e74b92841a16efc4cad516894bdaa1eca4ccdca290bcb36bbaa68cbe2011a6d12005f5bc2946532bbddc4e73161589ab3a296a734b78ad12aaa540bed9cca","ssdeep":"384:nC4JlgpsDv49JmGFnsvbCU5jAEVzJ0smbzRgZGme584WLMM0tq5PHcMV:Ccw9J9FybCUTzJ0smbZhwPH5","tlshash":"ba92e1cc99b518a51940f1dc2f338a48cfe9112c29e58776b1d377a2d94ae6f307c60b","first_seen":"2025-02-07T02:11:03.006958Z","last_seen":"2026-06-24T13:55:43.601708Z","times_seen":585,"resource_available":false,"data":null}},"time_used":1077,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1077,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/swiper/css/swiper-bundle.min.css","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/swiper/css/swiper-bundle.min.css HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 08 Jul 2025 00:36:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"686c681a-4691\"\r\nexpires: Sun, 31 May 2026 00:26:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18065,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17812)","md5":"ea28ae0aaf82709381c57d6a7daa7a05","sha1":"a7c528dc9018aeefed9a52337168decb220e2f61","sha256":"af8545de3876815292506711e1369bff9dfe57ec7e04c45c3e1bdac48a11f3b2","sha512":"9c63402a957e06b7c365a6cf5f53baaba991953e7bfda99d8feeaf177db6a2782a28004b1d82df2dcde362d5556e4891f6da300d63cf13d816144dadb1920f66","ssdeep":"192:1VmUJbiKne0JlXZHZ+Sme+jexS4nxep/a2GZb0Q5nfufKlAYfg5fyeesedOJ9A5Q:1gUbe0JdZHZ+W+SFnZ24tlWfF4XYz","tlshash":"d08245a85340282753274f364b71cbb9dd7444d20f9389ae91c0ee48d7f6db9132f6a9","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-06-24T13:55:43.588931Z","times_seen":5399,"resource_available":false,"data":null}},"time_used":532,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":532,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/cover/sportsf2com/why2-33.webp","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/cover/sportsf2com/why2-33.webp HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: image/webp\r\ncontent-length: 145476\r\nlast-modified: Sat, 28 Feb 2026 20:44:08 GMT\r\netag: \"69a35398-23844\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":145476,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 839x559, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"74ac478f9f816e068e8dbc38610ed31f","sha1":"f16e38ab0f0c078296b0fc7f5b9b3f67182707aa","sha256":"b7de560a92a8b9a0193af4b16f063fa5b7c8202971a55e7a19fa3a68b7382f56","sha512":"5155e677aa53cd728df21baf35785f2dfbf490706d641ec5a366621a87c3982eb8dd6cb52b4399057f3bddd6d85e6e2f6506421374993888687a4a9b3e130109","ssdeep":"3072:EeFbN9Yi9EtOG2yEDiLp57YZaFt1eBbrOGjhdZBM7NIMJiV:RFb8iXGZEWLpNea9RovB26","tlshash":"95e31247db9e786ce0f66898e4520f3444a2eddf5bc2669d670e30002d27e869ac1f1e","first_seen":"2026-05-30T12:25:12.35888Z","last_seen":"2026-05-30T18:15:18.781736Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1535,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":746,"receive":789,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/e/dongpo/tz/tj.js","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /e/dongpo/tz/tj.js HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 808\r\nlast-modified: Fri, 20 Feb 2026 16:17:53 GMT\r\netag: \"69988931-328\"\r\nexpires: Sun, 31 May 2026 00:26:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (554)","md5":"1bf60b5cf9c764caf9e85228dc7bfc33","sha1":"22b0d1971d7ec1ec3bb55ff4771752db18eab9ef","sha256":"1a32c475f692c3c84f550cc194a92fff3df6368293bbec3b8e67a42bc2d92306","sha512":"681c26eab518649736ea2c6302120b5a61e0b0749375c8933c7c890b6195de0c6e09a4184c9af8c5fd0f5e5eeda63ba803574bee4c44737899ccd18ce14c97c9","ssdeep":"","tlshash":"8601f11f7c25e13463921c2d23bbdadcf5ad2016101dc80654dec4ad6c34ff9042ab4c","first_seen":"2026-03-03T01:17:34.078046Z","last_seen":"2026-06-24T13:55:43.562188Z","times_seen":554,"resource_available":true,"data":null}},"time_used":1002,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":742,"receive":260,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?c07eb39b85a98c006261a3a263eb36c6","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:33.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?c07eb39b85a98c006261a3a263eb36c6 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11291\r\nContent-Type: application/javascript\r\nDate: Sat, 30 May 2026 12:26:38 GMT\r\nEtag: b8939b71d3fe4da162b0195998bcdda5\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=46768E911EBF2EF8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29897,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (621)","md5":"7e942dac9986ba6ebeb9e88afd6e3b36","sha1":"3c583c7ea9bcca420da2f47328c52ebdd3321a10","sha256":"7fc04e5741143107a10faa18dd169eb30d72c0a94b9abb63de43755bff230f63","sha512":"adad5c707a77afb3283e4963af72904e12b0e0589285b2457511f386944327335b0660e7fcd12b23b20cb19ad07cc6e0b34823dd303549ba93c6509d2ff22909","ssdeep":"384:N9JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:N94VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"90d2d9a9b282713293a324a5153f324ef07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-05-30T12:26:57.382016Z","last_seen":"2026-05-30T12:26:57.382016Z","times_seen":1,"resource_available":true,"data":null}},"time_used":7232,"timings":{"blocked":2980,"dns":1,"connect":1558,"send":0,"wait":1268,"receive":1,"ssl":1420},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/ico/favicon33.ico","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:34.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/ico/favicon33.ico HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:34 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 16958\r\nlast-modified: Tue, 08 Jul 2025 19:42:24 GMT\r\netag: \"686d74a0-423e\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16958,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"0b05494fab8bcfcc6ff8b2a34e475fc9","sha1":"79bc941fac047d6589bbb4ceb44aa2155f90162e","sha256":"7444d3939f2167389c2efd0fe058fcc36e130dfd1443acf340648f463587815a","sha512":"4074b046fff24d64a3956b80a5e0385f8723e2477c6918ae6c2191a59262ddd3cbbe1375612487cdf1bf9ca89ad540b0628afde3d7fa3368848148f2760c1353","ssdeep":"384:cD7DA30Mp2b9lNMzX4ZiF47Nf8CDEjIfDP6:QCpkiX4m8Nf8CDbDP6","tlshash":"4b72b5647784d70bc9011d394846977a225b1c9cb4c5c112feeefeab7e6e0caccac499","first_seen":"2026-04-14T20:09:19.681903Z","last_seen":"2026-06-19T14:09:13.346476Z","times_seen":10,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"203.91.74.202:41669/static/picture/wnspc.png","fqdn":"203.91.74.202","domain":"203.91.74.202","tld":""},"ip":{"addr":"203.91.74.202","port":41669,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://203.91.74.202:41669/","date":"2026-05-30T12:26:34.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 06:59:32 GMT","end":"Sat, 30 May 2026 22:59:31 GMT"},"fingerprint":{"sha1":"FF:96:6B:B7:4B:27:6E:85:15:14:1B:F7:24:B0:4A:16:5C:D6:05:A4","sha256":"CF:90:24:95:F6:55:00:7C:37:61:D0:54:3C:D9:8C:20:C7:2F:7F:EF:5E:D5:1A:2E:9E:4E:37:4F:60:FF:40:1A"}}},"request":{"raw":"GET /static/picture/wnspc.png HTTP/1.1\r\nHost: 203.91.74.202:41669\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://203.91.74.202:41669/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:34 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 09:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d74b1-1eb7\"\r\nexpires: Mon, 29 Jun 2026 12:26:34 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7863,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 172 x 60, 8-bit/color RGBA, non-interlaced","md5":"6e6f3e6c749737e6c347ec25d39b3eb1","sha1":"076c805bf394c7996a58202e333827837c8b1378","sha256":"391138ddf53bc321563b3d17fe0f37f5b40efba65fc661dbfa239a2b2184ec65","sha512":"b4621a8e30b49a48b1b13e9582c260b02d42ab2cc2509d59e56cf85028eec3dd165e255dff5c61e689ad8b4eaabe74852185efb2764da5c0ec1133a2ccb02a3d","ssdeep":"192:FQSFq7yL2y34yuuSzYUfBY2kCf9pDnA3+O07Zu86U9S0aN:zFjLX3u1YU5sCzA3hEu86sSLN","tlshash":"26f1ae6b1553fcb469dda7e92063af6082136f48b0077a12fb2b29748135fe5f44aa13","first_seen":"2023-09-28T01:03:26Z","last_seen":"2026-06-24T13:55:43.587455Z","times_seen":611,"resource_available":false,"data":null}},"time_used":809,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":809,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/cover/sportsf2com/security-33.webp","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/cover/sportsf2com/security-33.webp HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: image/webp\r\ncontent-length: 40958\r\nlast-modified: Sat, 28 Feb 2026 20:44:08 GMT\r\netag: \"69a35398-9ffe\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40958,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 696x464, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0887ab172923bca27cf989b9a692de0b","sha1":"499a777a54ee985c8b38b918b15717ed7207bc06","sha256":"49b9cfae8aac8324d710dc5a51285af36d032fd40719fcfaad0c086a5dbf90e3","sha512":"74e7cc9e6f678e808d97a17864097fb9530dd7d4f108c5a544efa29a2f72d043cc9f81a2742d7a146bc619476f47dc9153ffd5c157292b750e2c5c1d23b90e88","ssdeep":"768:DPIjX6KGHSGEu7UaM53m/DyGjJKrV8q/nQcDZuhSUPqPbfr1Pof9VuwCQMvkH4jw:DP8xGEwM53Q3gxt/n/0wUPqPjrOqQv","tlshash":"5503e1a7bc7e4299ff4e6c4b1dd10eeb0a109811f25c9a7abbec54a5286e0cb580c510","first_seen":"2026-05-30T12:25:12.324567Z","last_seen":"2026-05-30T18:15:18.765033Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":744,"receive":525,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/cover/sportsf2com/app-33.webp","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/cover/sportsf2com/app-33.webp HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: image/webp\r\ncontent-length: 161508\r\nlast-modified: Sat, 28 Feb 2026 20:44:09 GMT\r\netag: \"69a35399-276e4\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":161508,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 845x563, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4ae62babc704f7afc9076021618cc5be","sha1":"0b6733250dcc851b6e1593ff1f23d047f57ed71e","sha256":"d53b719787df66bf4c8e73541ed37237689a57a968b955aadfe64bbe318d1ea1","sha512":"1540dfaff4eb46824feb04dac569602b9a099497d3b1adafffd249953c022e4b632596519b13e8b8bb3463e810fda59ea73a09e418cd512200cd848ba6ed6224","ssdeep":"3072:nkgldHraiRZHRkJz7/WQFA6pN2h9hyuxxAfpjYxy8OLRZ7bcGnY0Eeo2upZykyO1:kg/aiRZHW+QFA6peMaaf73BvmZene","tlshash":"adf313a83c81a755fff045e9e7787827be2818801131717c5b789a8f7f18e287a7146e","first_seen":"2026-05-30T12:25:12.345646Z","last_seen":"2026-05-30T18:15:18.773413Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1538,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":743,"receive":795,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/bootstrap/js/bootstrap.bundle.min.js","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 01 Jul 2025 15:41:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"686401bc-13bb5\"\r\nexpires: Sun, 31 May 2026 00:26:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80821,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"21d4551af5cc4ed4d818bdbdfea8c358","sha1":"df272a07ed30eaf8025b699c45736ba9d284e4d4","sha256":"35f4547d9364111aca4850347356bc5660a994f0d8b694d88f995098a7b547fa","sha512":"4dcd22faf4688265f834deedb8b6d07c1c5af0991f512031485573994df59d5747ca21c494f3f2d9c59f15a7260892b0d15aa8bebcca85d7764d24cc740c69da","ssdeep":"1536:/SwJiEbnTl6R2t49CFliFCIg/yWszSraJd5qUFH9tZwcE+iYZMgZdj:6wfs+SSO5q4tZwcEVYZFj","tlshash":"2383b5593244b8730ade85b68037430bf2265998b14b812cb57cadde2a7dcc67277f78","first_seen":"2025-06-18T01:20:12.005242Z","last_seen":"2026-06-24T13:55:43.590506Z","times_seen":2294,"resource_available":true,"data":null}},"time_used":743,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":743,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/swiper/js/swiper-bundle.min.js","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/swiper/js/swiper-bundle.min.js HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Jul 2025 15:58:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6865571e-22512\"\r\nexpires: Sun, 31 May 2026 00:26:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":140562,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65283)","md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-06-24T14:41:59.400039Z","times_seen":4818,"resource_available":true,"data":null}},"time_used":742,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":742,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"203.91.74.202:41669/static/js/link.js","fqdn":"203.91.74.202","domain":"203.91.74.202","tld":""},"ip":{"addr":"203.91.74.202","port":41669,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://203.91.74.202:41669/","date":"2026-05-30T12:26:34.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 06:59:32 GMT","end":"Sat, 30 May 2026 22:59:31 GMT"},"fingerprint":{"sha1":"FF:96:6B:B7:4B:27:6E:85:15:14:1B:F7:24:B0:4A:16:5C:D6:05:A4","sha256":"CF:90:24:95:F6:55:00:7C:37:61:D0:54:3C:D9:8C:20:C7:2F:7F:EF:5E:D5:1A:2E:9E:4E:37:4F:60:FF:40:1A"}}},"request":{"raw":"GET /static/js/link.js HTTP/1.1\r\nHost: 203.91.74.202:41669\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://203.91.74.202:41669/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:34 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 30 May 2026 04:30:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1a67fa-6ce\"\r\nexpires: Sun, 31 May 2026 00:26:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1742,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"07656313ac417c5884c6617ff8958ad6","sha1":"7753bf455cf36cb1d857ec4240f2d7c9d5dcc7fc","sha256":"2f9484b65a25cba389a89535fdd5bfa948309189bd937c6035666602c91fb638","sha512":"e580c87e5824a30fef67e3ba305f5c49d10d65d065cfef83b1a0a073fbd68f4d413adbc99e153e69606279ff3227fc704b4471c288c6d6d35194489a53e6f2b4","ssdeep":"","tlshash":"9d31cc58e6d03c260d2748a7685b2d04f593410bbc5aec42f69d4ac0dfb2b2e4f7ace4","first_seen":"2026-05-30T05:44:44.084902Z","last_seen":"2026-05-31T23:53:12.261494Z","times_seen":13,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"203.91.74.202:41669/static/picture/xpjpc.png","fqdn":"203.91.74.202","domain":"203.91.74.202","tld":""},"ip":{"addr":"203.91.74.202","port":41669,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://203.91.74.202:41669/","date":"2026-05-30T12:26:34.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 06:59:32 GMT","end":"Sat, 30 May 2026 22:59:31 GMT"},"fingerprint":{"sha1":"FF:96:6B:B7:4B:27:6E:85:15:14:1B:F7:24:B0:4A:16:5C:D6:05:A4","sha256":"CF:90:24:95:F6:55:00:7C:37:61:D0:54:3C:D9:8C:20:C7:2F:7F:EF:5E:D5:1A:2E:9E:4E:37:4F:60:FF:40:1A"}}},"request":{"raw":"GET /static/picture/xpjpc.png HTTP/1.1\r\nHost: 203.91.74.202:41669\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://203.91.74.202:41669/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:34 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 09:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d74b1-5800\"\r\nexpires: Mon, 29 Jun 2026 12:26:34 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22528,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 183 x 55, 8-bit/color RGBA, non-interlaced","md5":"c53d923594566be7e0e41e8d720c0ac0","sha1":"e16a4b701d10291bbff90178e8b0d5f576e00821","sha256":"021994557d1d9642fdc16a0d8f6e471bec81bea7f366de6ef631f536c165418b","sha512":"554f7d6d44d26905610a65e21bd157ec30fef501c356e97787deca22f9089216f59e284f0effab7b18da89134af594d4ffd5eed889b1b5a4d5a5412456b9832e","ssdeep":"384:QfchEzlZmrXTjUDkJe2tERBxq2ceTdr1lFJ3d2Oo+UQSYJshjRHXvcQ:QfchEzrmrXTjUhP42cKpFJ3lo+UHYa//","tlshash":"fba2e0f1f36ff1b54a924d554cf8e2b080978942e088ee6135cb204acade8d31d993e7","first_seen":"2023-05-07T20:04:35Z","last_seen":"2026-06-24T13:55:43.586402Z","times_seen":727,"resource_available":false,"data":null}},"time_used":810,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":810,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"203.91.74.202:41669/","fqdn":"203.91.74.202","domain":"203.91.74.202","tld":""},"ip":{"addr":"203.91.74.202","port":41669,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:33.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 06:59:32 GMT","end":"Sat, 30 May 2026 22:59:31 GMT"},"fingerprint":{"sha1":"FF:96:6B:B7:4B:27:6E:85:15:14:1B:F7:24:B0:4A:16:5C:D6:05:A4","sha256":"CF:90:24:95:F6:55:00:7C:37:61:D0:54:3C:D9:8C:20:C7:2F:7F:EF:5E:D5:1A:2E:9E:4E:37:4F:60:FF:40:1A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 203.91.74.202:41669\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:34 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 21 May 2026 05:02:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0e9203-2023\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8227,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"5fdccba015a613049db07a5936805ece","sha1":"18efba7fd60f2ebe50bbfb8fea48677dc433d506","sha256":"29ea1947d7ce4ea2ce76d89053fad7ace6927465ac0d218a7a9b21a01b71f0b2","sha512":"49829eb4b7dd115b91211d0e3567598ee1475d7e8a02ac8737e7b9af62476fdcbf40828b0d6379e9709fccf42ae87d31999fe391338613d889ae9ca25c580baa","ssdeep":"192:irnMZjBPCpnDZ0CPBfE/k1mp6rPlyJzmRF4sAAt+:ljmX7AAt+","tlshash":"8702761661e3115b2922d1a66fb3171b6664d407c20bc9997fcc15cdef89ac9c8a738c","first_seen":"2026-05-22T23:35:31.170554Z","last_seen":"2026-06-08T02:36:24.878142Z","times_seen":89,"resource_available":false,"data":null}},"time_used":1374,"timings":{"blocked":551,"dns":0,"connect":270,"send":0,"wait":272,"receive":0,"ssl":278},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-30T12:26:30.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:32 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18482,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (13959), with no line terminators","md5":"5770d6be09514b7bf52537337a35c523","sha1":"71f225d5ee5e143033f8436291741889d8c8ce04","sha256":"8191ec5daea902336333dc8db7511a582929f6b09fdb5edabba2a97d1d699f8e","sha512":"f1039b854edd46a86a8f93a974ae76032ce4bc50a49fe0da9281290ad6d07dd1949936aa8469a3df600b98aa0af756471cbe2426e5e37008e8149825c13b8642","ssdeep":"192:J75tO2uIrSBEERd3SJQe73OGE4PLZSLZbuAYqgClcCVFoH3pOHB:Jf1umSBX3See73OGTtSNVgbCIXKB","tlshash":"1782b63361e175bf06575ae9b124b34e21fbd20dce6b4d64aff683c827c4ea1865120a","first_seen":"2026-05-30T12:25:12.340948Z","last_seen":"2026-05-30T18:15:18.786494Z","times_seen":3,"resource_available":true,"data":null}},"time_used":3872,"timings":{"blocked":1561,"dns":1,"connect":1290,"send":0,"wait":750,"receive":0,"ssl":267},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/fontawesome/webfonts/fa-solid-900.woff2","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:33.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/skin/fontawesome/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 158220\r\nlast-modified: Fri, 13 Dec 2024 00:50:06 GMT\r\netag: \"675b84be-26a0c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":158220,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 158220, version 775.1280","md5":"4a6591ab5460ae5cbff1ecbd6e52193a","sha1":"7cd8afd6501962fda35d66f0e4c3b8815ac471d8","sha256":"aa75998623a391e61c6901794ace832e3ecdd288b56d608f21bea0411acc0b8e","sha512":"96c5d3283b71613b595b6b0420333bef5d64451af05c59dde27ec5b3e7cfe6e9549c604cddfbcb79cbc0fd4cd6f2e22a130c9a220b1b7ef933ac9df8c8e695d6","ssdeep":"3072:RauSB5FANIRLpsBaBrJGNG3ECNQztRvHHqkqLrlF:guSqN6ptrJGo3POh9KT9F","tlshash":"0ef312a710c6b95684a3a51b336adeb52c3ed363fcb6cd73be340114689da9c2e4d190","first_seen":"2024-12-19T10:41:23.153533Z","last_seen":"2026-06-24T14:41:32.661347Z","times_seen":30057,"resource_available":false,"data":null}},"time_used":739,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":474,"receive":265,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"203.91.74.202:41669/static/picture/jinshapc.png","fqdn":"203.91.74.202","domain":"203.91.74.202","tld":""},"ip":{"addr":"203.91.74.202","port":41669,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://203.91.74.202:41669/","date":"2026-05-30T12:26:34.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 06:59:32 GMT","end":"Sat, 30 May 2026 22:59:31 GMT"},"fingerprint":{"sha1":"FF:96:6B:B7:4B:27:6E:85:15:14:1B:F7:24:B0:4A:16:5C:D6:05:A4","sha256":"CF:90:24:95:F6:55:00:7C:37:61:D0:54:3C:D9:8C:20:C7:2F:7F:EF:5E:D5:1A:2E:9E:4E:37:4F:60:FF:40:1A"}}},"request":{"raw":"GET /static/picture/jinshapc.png HTTP/1.1\r\nHost: 203.91.74.202:41669\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://203.91.74.202:41669/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:34 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 09:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d74b1-a334\"\r\nexpires: Mon, 29 Jun 2026 12:26:34 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41780,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 295 x 113, 8-bit/color RGBA, non-interlaced","md5":"1d2140363e0fda69f41537010f37ac74","sha1":"9f3791b6ade0a7966dee0253cb698564490e9440","sha256":"65ff8549228320f54f3d93e45194314c43c7cea541241876a57633bb5ac94f92","sha512":"75dd491fe42a57dee94c06e5e389323f0b32a584f3d0223845ea8f945ac9cff401e65cc381f4e8973dd78c14655abfff000186a770df78acddff35e6bb69fa86","ssdeep":"768:fUD/+JUtuV8Sp+uA5mBhYhXXy7I1VzKT26hq34ZhMNg1de0nGtXIIq5y7RYLIXK9:j2SYd1Xy7wVG66BvMNg60KXrsLB","tlshash":"3113f1a116d7074d278849fcda334deec406ab285d19b93ec5f68f34e3846c4d083a66","first_seen":"2025-01-31T12:39:53.036928Z","last_seen":"2026-06-24T13:55:43.60564Z","times_seen":587,"resource_available":false,"data":null}},"time_used":543,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":543,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"203.91.74.202:41669/static/picture/365pc.png","fqdn":"203.91.74.202","domain":"203.91.74.202","tld":""},"ip":{"addr":"203.91.74.202","port":41669,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://203.91.74.202:41669/","date":"2026-05-30T12:26:34.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 06:59:32 GMT","end":"Sat, 30 May 2026 22:59:31 GMT"},"fingerprint":{"sha1":"FF:96:6B:B7:4B:27:6E:85:15:14:1B:F7:24:B0:4A:16:5C:D6:05:A4","sha256":"CF:90:24:95:F6:55:00:7C:37:61:D0:54:3C:D9:8C:20:C7:2F:7F:EF:5E:D5:1A:2E:9E:4E:37:4F:60:FF:40:1A"}}},"request":{"raw":"GET /static/picture/365pc.png HTTP/1.1\r\nHost: 203.91.74.202:41669\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://203.91.74.202:41669/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:34 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 09:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d74b1-2255\"\r\nexpires: Mon, 29 Jun 2026 12:26:34 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8789,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 189 x 44, 8-bit/color RGBA, non-interlaced","md5":"e0c9d379cd4926e815abd7d25c32f5e4","sha1":"e9a1fb55262d96495f14da278c7242cc3fda956b","sha256":"7b50586f667edbeb0c3d573a44d40742354c385a2d7ae1971aa4b0173c11173d","sha512":"519aaeff0baab73e269e86413df78c8563728cb4b1f17e448877c4853a726df366f201b9e869078a4fa460517530a84b5ae9da4290511aeb4d0b93aecb9ac99c","ssdeep":"192:6ZTS99EegUNgEBTJ35PgUUxiKlqSvxV5mG5pqghmCoTHV0:2YzgogEr35Y7cK1YGmAMT+","tlshash":"1e02a0bc5a62079b3d1aa9f8172c54f1fdd070eb411f7c99947d201b0c68a1c83af4a3","first_seen":"2025-01-31T12:39:53.02929Z","last_seen":"2026-06-24T13:55:43.560392Z","times_seen":588,"resource_available":false,"data":null}},"time_used":812,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":812,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"203.91.74.202:41669/static/picture/1552215839168.png","fqdn":"203.91.74.202","domain":"203.91.74.202","tld":""},"ip":{"addr":"203.91.74.202","port":41669,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://203.91.74.202:41669/","date":"2026-05-30T12:26:34.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 06:59:32 GMT","end":"Sat, 30 May 2026 22:59:31 GMT"},"fingerprint":{"sha1":"FF:96:6B:B7:4B:27:6E:85:15:14:1B:F7:24:B0:4A:16:5C:D6:05:A4","sha256":"CF:90:24:95:F6:55:00:7C:37:61:D0:54:3C:D9:8C:20:C7:2F:7F:EF:5E:D5:1A:2E:9E:4E:37:4F:60:FF:40:1A"}}},"request":{"raw":"GET /static/picture/1552215839168.png HTTP/1.1\r\nHost: 203.91.74.202:41669\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://203.91.74.202:41669/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:34 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 09:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d74b1-2a6b0\"\r\nexpires: Mon, 29 Jun 2026 12:26:34 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":173744,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 488 x 147, 8-bit/color RGBA, non-interlaced","md5":"ce2e5b88612ff5d0c083357995805cb1","sha1":"ee211057d855fb16fcbbc4dd280c54d0e8be9445","sha256":"8d2484ecd64a9270ab446bebd54998c84015ccac62e322332ff027218cc11c54","sha512":"5c3a7cc91ed1cc8f9064538fd154dd31addf4705eea3767bd444c06cc64dfedc9bdccee584936bd2b6a4f142820d0bdd74213497247a59759e89d79fa5bfd896","ssdeep":"3072:7jOt+RYVDFMiydCbjFViIj2qBEn0uzBdtt/jU4SyaguPpoQE3TqtGMFR++gcKiYF:fOARYVFMiyyhViycrTLw4vagkpoQE3T/","tlshash":"c204124c9c4413f186c9f265e2068884e57fc915427c342b37c9e3fb4da6a4927baf32","first_seen":"2023-09-28T01:03:26Z","last_seen":"2026-06-24T13:44:34.936848Z","times_seen":698,"resource_available":false,"data":null}},"time_used":1076,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1076,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"203.91.74.202:41669/static/picture/dafa2.png","fqdn":"203.91.74.202","domain":"203.91.74.202","tld":""},"ip":{"addr":"203.91.74.202","port":41669,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://203.91.74.202:41669/","date":"2026-05-30T12:26:34.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 06:59:32 GMT","end":"Sat, 30 May 2026 22:59:31 GMT"},"fingerprint":{"sha1":"FF:96:6B:B7:4B:27:6E:85:15:14:1B:F7:24:B0:4A:16:5C:D6:05:A4","sha256":"CF:90:24:95:F6:55:00:7C:37:61:D0:54:3C:D9:8C:20:C7:2F:7F:EF:5E:D5:1A:2E:9E:4E:37:4F:60:FF:40:1A"}}},"request":{"raw":"GET /static/picture/dafa2.png HTTP/1.1\r\nHost: 203.91.74.202:41669\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://203.91.74.202:41669/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:34 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 21 May 2026 05:02:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0e91fb-880d\"\r\nexpires: Mon, 29 Jun 2026 12:26:34 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34829,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 299 x 79, 8-bit/color RGBA, non-interlaced","md5":"cd8c9178b347f37c9bef76b8f675e3e0","sha1":"1e14408dd2512718208a674236ebbcb4442d3bef","sha256":"488ecf2fc34918b7a5e0c41b0538b6a6907d7f2f84e5df8e367b4b25f5efe454","sha512":"01b8e067c463405404750d9d892b5f6c1dbfd74d19800e7acf0bfcac4d2ed9d0ab7769788b68e518d4e2c31185829696b620b25d562655848747ac4df98395c6","ssdeep":"768:1KEXfnummCpkmHFV6NACX1aXu45xX6piNtn8MMIpO2jQ115gd8Wy:1Kmfn/mm0XcX/96wNtnDO2jQDOdFy","tlshash":"10f202dbfb6b16e89d851b6c21966c0c02c7869bc7fa94f1943a0c3256dce05a97cf90","first_seen":"2026-04-08T23:53:33.224031Z","last_seen":"2026-06-24T13:55:43.588075Z","times_seen":128,"resource_available":false,"data":null}},"time_used":1077,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1077,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=46768E911EBF2EF8\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1379134516\u0026si=c07eb39b85a98c006261a3a263eb36c6\u0026v=1.3.2\u0026lv=1\u0026sn=16793\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fsportsf2.com%2F\u0026tt=%E4%BD%93%E8%82%B2%E4%B8%8B%E6%B3%A8%7Cnba%E6%8A%95%E6%B3%A8%E5%B9%B3%E5%8F%B0%7C%E7%AB%9E%E5%BD%A9%E8%B6%B3%E7%90%83%E6%8A%95%E6%B3%A8%20SPORTS%20GAMES","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:38.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=46768E911EBF2EF8\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1379134516\u0026si=c07eb39b85a98c006261a3a263eb36c6\u0026v=1.3.2\u0026lv=1\u0026sn=16793\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fsportsf2.com%2F\u0026tt=%E4%BD%93%E8%82%B2%E4%B8%8B%E6%B3%A8%7Cnba%E6%8A%95%E6%B3%A8%E5%B9%B3%E5%8F%B0%7C%E7%AB%9E%E5%BD%A9%E8%B6%B3%E7%90%83%E6%8A%95%E6%B3%A8%20SPORTS%20GAMES HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Sat, 30 May 2026 12:26:44 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=3F8214D857D56A57; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-24T14:07:04.951629Z","times_seen":369282,"resource_available":true,"data":null}},"time_used":6756,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6755,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/skin/cover/sportsf2com/why4-33.webp","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /skin/cover/sportsf2com/why4-33.webp HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: image/webp\r\ncontent-length: 31824\r\nlast-modified: Sat, 28 Feb 2026 20:44:08 GMT\r\netag: \"69a35398-7c50\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31824,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 566x318, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8a1161b708a73c57da8835fb92df4829","sha1":"917f9d64495787120336d55365fe19343702943a","sha256":"749fd70764736c14332596e9f875123bf56d4ff5cab98462dc64583d6963a05c","sha512":"0770c81baaf56c908e156907d4a4b1be3041b87ebceb40459f566455659ddfd5dcba961e989fb5a2b62281b5bf908f0549223598f2dfc55b0a4984121374b15f","ssdeep":"768:0CC0/Tq4bcq+/H4mC5x4YsCejw0wZ3wiI71E2bom+0hlr:0CD+4T5uYPejYZ307+2boS","tlshash":"5ee2f1ce111b4b1336180b9c66dc35a36da461d5aa7a5fb9601998ceb3ff60543f007f","first_seen":"2026-05-30T12:25:12.380236Z","last_seen":"2026-05-30T18:15:18.783314Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":744,"receive":524,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.174.227.28","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:34.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":""},"issuer":{"commonName":"Keymatic Secure Domain RSA CA G1","organization":"PKI(Chongqing) Limited"},"validity":{"start":"Wed, 01 Apr 2026 06:48:26 GMT","end":"Fri, 16 Oct 2026 15:59:59 GMT"},"fingerprint":{"sha1":"F0:4F:0E:62:84:89:BD:2B:8E:53:1E:AC:20:70:16:C2:F7:E9:C1:C0","sha256":"54:9F:ED:D0:8F:D4:0A:5F:31:95:55:FD:E0:E6:13:F2:09:8C:39:E1:01:31:98:FA:1D:DC:20:CD:20:19:7C:F5"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 409\r\nOrigin: https://sportsf2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://sportsf2.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\nage: 0\r\ncontent-length: 0\r\ndate: Sat, 30 May 2026 12:26:34 GMT\r\neo-log-uuid: 967106775027959907\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-24T14:14:25.85347Z","times_seen":16682511,"resource_available":true,"data":null}},"time_used":368,"timings":{"blocked":94,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sportsf2.com/e/dongpo/tz/tz.js","fqdn":"sportsf2.com","domain":"sportsf2.com","tld":"com"},"ip":{"addr":"156.227.104.133","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sportsf2.com/","date":"2026-05-30T12:26:32.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zone-fhsports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 12:05:06 GMT","end":"Thu, 11 Jun 2026 12:05:05 GMT"},"fingerprint":{"sha1":"8D:BF:96:51:A8:F3:71:C2:61:3A:FE:91:63:2E:01:EA:7B:CB:8C:2C","sha256":"1B:BC:75:6C:21:44:4B:C3:B0:C8:C6:54:36:2D:6C:C7:7D:D7:51:A6:10:63:97:7E:D4:9A:A8:E9:8A:FF:D9:C9"}}},"request":{"raw":"GET /e/dongpo/tz/tz.js HTTP/1.1\r\nHost: sportsf2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sportsf2.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 30 May 2026 12:26:33 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 19 May 2026 14:19:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0c715e-486\"\r\nexpires: Sun, 31 May 2026 00:26:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1158,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"1b6be6097bca254529370543a0d8c994","sha1":"6ed4294a5aeda373a9130a007982295aafc03670","sha256":"4fab45ac7742ee3c04eba44a58376f505a7532fd37f259912f2a39abd5d4bb69","sha512":"5c8c4aef4c2ff9e398aa33526b17b44b6a55d6a3362d5bde1debdccfbf57ce75fd0c85cbb0d9eab3e5c2b91a8d537aaf5445e09d6c54c390ac41de60e602e306","ssdeep":"","tlshash":"2d21af7fae630254901691592bba776c3e3a001b6301c8307afcfe685f53f429483bd4","first_seen":"2026-05-19T23:42:22.369025Z","last_seen":"2026-05-31T06:37:50.642658Z","times_seen":34,"resource_available":true,"data":null}},"time_used":743,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":743,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"sportsf2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}