{"report_id":"a183963c-9f13-4e1b-b786-27afe44a1f94","version":6,"status":"done","tags":[],"date":"2026-01-08T16:43:42Z","url":{"schema":"http","addr":"rojadirectafhd.com/","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":0,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"final":{"url":{"schema":"https","addr":"rojadirectafhd.com/","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"title":"Roja Directa TV - Ver Fútbol, NBA, F1 y Más en Vivo Calidad HD","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rojadirectafhd.com/","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":0,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-12T16:43:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"bvtpk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"rojadirectafhd.com","ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"domain_registered":"2025-04-13","domain_rank":0,"first_seen":"2026-01-08T16:43:43.682178Z","last_seen":"2026-01-08T16:43:43.682178Z","alert_count":60,"request_count":30,"received_data":393552,"sent_data":14066,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Moment.js","description":"Moment.js is a free and open-source JavaScript library that removes the need to use the native JavaScript Date object directly.","website":"https://momentjs.com","common_platform_enumeration":"cpe:2.3:a:momentjs:moment:*:*:*:*:*:*:*:*","icon":"Moment.js.svg","categories":["JavaScript libraries"]},{"name":"jQuery UI:1.11.2","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-04T22:21:06.427471Z","alert_count":0,"request_count":3,"received_data":515253,"sent_data":1363,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"img.golazoplay.com","ip":{"addr":"185.59.220.199","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"domain_registered":"2024-11-04","domain_rank":2946415,"first_seen":"2025-02-05T18:51:03.529772Z","last_seen":"2025-12-11T15:53:23.286834Z","alert_count":0,"request_count":6,"received_data":18471,"sent_data":2777,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]},{"name":"Strapi","description":"Strapi is an open-source headless CMS used for building fast and easily manageable APIs written in JavaScript.","website":"https://strapi.io","common_platform_enumeration":"","icon":"Strapi.svg","categories":["CMS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-01-04T22:27:18.120727Z","alert_count":0,"request_count":1,"received_data":2934800,"sent_data":466,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"golazoplay.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-11-04","domain_rank":263012,"first_seen":"2019-11-29T20:54:34Z","last_seen":"2025-12-11T15:53:23.246663Z","alert_count":0,"request_count":1,"received_data":26141,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"img.icons8.com","ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2011-10-04","domain_rank":218854,"first_seen":"2017-05-26T09:10:54Z","last_seen":"2026-01-06T13:49:16.709124Z","alert_count":0,"request_count":1,"received_data":865,"sent_data":468,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-01-04T22:40:02.941781Z","alert_count":0,"request_count":3,"received_data":593888,"sent_data":1317,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"bvtpk.com","ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-16","domain_rank":37068,"first_seen":"2025-05-21T11:34:02.786268Z","last_seen":"2026-01-08T15:56:58.393225Z","alert_count":1,"request_count":1,"received_data":113623,"sent_data":411,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"b7510.com","ip":{"addr":"139.45.197.115","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2021-03-21","domain_rank":0,"first_seen":"2025-06-19T09:08:24.947983Z","last_seen":"2026-01-08T15:56:58.59456Z","alert_count":0,"request_count":1,"received_data":833,"sent_data":601,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2026-01-05T15:28:20.418392Z","alert_count":0,"request_count":1,"received_data":841,"sent_data":443,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-10T13:48:06.497221Z","times_seen":138511,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/ui/1.11.2/jquery-ui.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5f3656496ccb995aacdccc0e91437c2","sha1":"4e6a74f1dd52f0b7aa4d9777426adecf8d9377fd","sha256":"26e1b509ca17a756db87864840e31a1a7caa2ce9164aa2fff2c61284c582c0c2","sha512":"5758630739f8ec91c2df4f0ac6bfe5dd64b87f5d1594eb1b5828274e2a0d2f422377c84e850a04467b8f40c6c7ec6e4b76b5314dfb9766892bb7ed896f3beed6","ssdeep":"6144:gp8S62GdgXMujWWUl/plq/pfldEld1HmcI4BniKY7IXtu255W5ZbHrbTi5J4hjY/:RljHmcI4R5W5FHr6HuJsNEjhBnY","tlshash":"0aa4a689f39c266a857a325d5c2e41ce723c8076d60158bfbc5c59dc29e883c42bbf79","size":469356,"data":"","first_seen":"2023-03-07T12:02:00Z","last_seen":"2026-04-10T00:46:25.306068Z","times_seen":712,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/moment.js/2.30.1/moment-with-locales.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef33ee2255d562260ac4adcabf2c768c","sha1":"dd1c67b36c800c00b7901f17af6200b26f2bb42c","sha256":"69ad644b0ab4b3c39486a909655430e53a3436ef05b207b127e74da669d97325","sha512":"e05d5cc5874c8805bdf28a2648b6b2804c260a720fdfca5be0ac7bd32418a91c0b542b370db46e99f06af364f4f20ff82c9fec99b14616999e165420a0371c82","ssdeep":"6144:Jfftar0AZAhVuh8BGhrDs3/A93TSZWkcSO2dpOamL5ItDxWzWY9lei+zSkWOKDBz:NYAhVuh8BGB8/k3TSZWkcSO2dpOtL5Ii","tlshash":"d284c8cf63e66a8e0a146116cc3dad0d284d0e81d079d735ffb65287f51ce2846babb1","size":375055,"data":"","first_seen":"2024-01-26T16:51:09Z","last_seen":"2026-04-10T03:02:06.889736Z","times_seen":995,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/luxon/3.4.4/luxon.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8bad1ebcf2d5b2ec062ae7e0f64f156a","sha1":"0c71cf565af67b3aa5885afc6a16b4ff051bac34","sha256":"ecd426d1b86f0c92a8b0bf1dfba6604a2d8bc59088700fd30f4f3b18b1013bd3","sha512":"7549522cb931b251882e13dd0a400bc24e2cccf869df199920a16d9540fe3bd2ec96ae35024b2676de4e1aaa68983a13e05b02507ef48d053c7b3647237bf545","ssdeep":"768:kC+Jvp/A10UsApZGGHR0bFglgLL2pVmCvdfH4dDnRXfEC2oHUE3rUbUr2hWp4:ghmsA/R0bF82wVmO9HiDR8venEgC","tlshash":"f973a5ca72c3b1500767a1e9442f2006f23e68aa588d491cf556e8d3bcb5d99923bf7c","size":78220,"data":"","first_seen":"2024-03-07T12:26:37Z","last_seen":"2026-04-10T03:16:59.637292Z","times_seen":246,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6d6961a593f4e7a9ecf0c2f28995e98","sha1":"d4887fb8ab79c2faff240f5a8b4d1725602bf9a2","sha256":"a8937f926fb8e2eeef0c53a3069d6aca20636c0b70b9590e2d92ef8c6f8a310b","sha512":"2940632d8730ffe0387bb224c8e87f92638c3a2d535be4521fb57471cf75586a314364af5a49e66120fca814557c186b972e52ba63463a13c379f5941dcaee6f","ssdeep":"3072:tXki1TG8YlAVRzIqwL76WJHpYx8K/MVzUL:6WTGvlVqw5JJSQza","tlshash":"6db3295673a277d21a6e60d42d57d60573fd8c80488f8867e3c8787972d081cd3abbea","size":112428,"data":"","first_seen":"2026-01-08T10:53:12.921125Z","last_seen":"2026-01-13T12:31:03.505793Z","times_seen":139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/js/main.js?v=1.5","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":false,"md5":"44cc44c5079ae7a3520d24c3011422b9","sha1":"c2c8c9340a8596874097ace6186fd9c90ee8b21a","sha256":"e9a3ec0fe20f54b9f8223636ff7acd233f37f4e6cd41a3edc4a1b5b860198de0","sha512":"f75fb28bc7ef6c30f56d922f1890b75b3d0205381c455d219ce149ead1a4fc66e7d20fe857f22f4671130a6c9508f9f25d33010c1c922ae53e8971ca69497bd8","ssdeep":"96:hXKyjP8+jippUD3WyXE1MMfLpweoicOl3hJUEfg2S:ha6k++U75vgc2U7V","tlshash":"83a163a8f9e311b30d337198aa8f60057494f11f2145ce487d9cc6825f88f6aa1f76ee","size":5060,"data":"","first_seen":"2026-01-08T16:43:49.829988Z","last_seen":"2026-01-13T13:15:48.937049Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/moment.js/2.30.1/moment.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"be51675f16a773d868e992735ecbf078","sha1":"5fbb015c68f4e95434cd63e8a46e17e91da1e184","sha256":"5b3eef58af8f051a73350fb530ccd1826e6a21ea840a60d5a9b81acb6d3823a0","sha512":"428252e033a17661bc91b6c7931981febb4f74deb670659701d00559624fbd4145d7fcf170f49d0279f81e1619488955a0b5442742deb1f365bac826d9b3df9c","ssdeep":"768:HgtHJgvZaVdUtI7uxwgmOSw9lU6+0Iwkndand2ru+4PHy:AV04fUtnkOSCo3BdEdKua","tlshash":"5f4392ce3546b11257b212b6082f050be33e59a96c4e4d2cf508d9e97879c6e427ffb8","size":58912,"data":"","first_seen":"2024-04-05T23:11:40Z","last_seen":"2026-04-10T03:02:06.892156Z","times_seen":1376,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":true,"md5":"bfeddd9d653aee35ad8b1b2c047ced57","sha1":"dbfe8209b542002e467890e3840d7e6c31480ef6","sha256":"bfd15757ba5acfa041c766175360be62d729752fd356e843844caa4af6de81fc","sha512":"50375549343f25c3c7b28029f5609c9cbd80b3cb93cf7c9df7ff2672333d218ac4266dd5d33864c3e635d54bef52452313f93ea61e1492edff5d0a095b435222","ssdeep":"","tlshash":"a3c080b564e59930145400da3076dbe57d74321c79a37080c49d7c2cd664fd30851c65","size":179,"data":"","first_seen":"2025-09-27T22:41:44.982055Z","last_seen":"2026-01-13T13:15:48.971733Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":true,"md5":"134d6583b908c4fc0d99c28eca085500","sha1":"770ef76a251fae48b794f13290c6ac0134ca2694","sha256":"08df3225941a116ad0d6a63c39e1aa9030854e28b7b67c7c544cb552c1196479","sha512":"6d0d0247a6006fc866023db4d7d3c5aa5e2c82fbc9f025710263857907cdde922517eb4cc403bf35e8c8f6db122be2e437dbba7ffa02f5c7464f6936160a481f","ssdeep":"","tlshash":"71b012cb00c2020065e235118f422520313300d70408d5017c0c87047fd876f473ef9d","size":97,"data":"","first_seen":"2025-03-05T04:12:08.592275Z","last_seen":"2026-03-19T12:02:56.781822Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/liga_1_max.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/liga_1_max.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 15654\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-3d26\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15654,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5fecfa7c98d43d1245e8a1efc085b79d","sha1":"9055c1477de4e160d15ffe476f3b8fdc2bb3ab1a","sha256":"40f925ed943b6bbad22c804a99b6c2f1730158aa0418293049057b0fdde53844","sha512":"b86d64bdf67c40c4d8f69825d5b94879e35d6178fc1c8de87e84b0f8e3f33ae54d7d82646628eecce2fa4d12de1e25f4840ea37a45d92b5049bc661aca62653b","ssdeep":"384:FpwbVXm9ce+e335O2I/VLCgG4UdtXLreCn:yVOpf35O2wLv/gLSCn","tlshash":"8062c08029b313f9bc40107895e1dfc2b685bf26f4a555b79641788997b06eef023b1e","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.732939Z","times_seen":7,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/movistar_deportes.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/movistar_deportes.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6198\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-1836\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6198,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a755efab6f93e718d2b1d889f83d9abe","sha1":"87e95c37499e992b46d8e614e913e52dd2e29175","sha256":"abea2ae3b2b0caa0e486c37adfc358119754c6a75f096422218103c02a390fa6","sha512":"0fb1675d0351f6e2cf394fca90ddb6e3f0eb30fb4579c984b45763ca13c30f57204286298f1865e0e6d698f631f94dc01c9e6f84b32a2ada0592223c82bfdeb8","ssdeep":"192:TQJCMTrA7BwQhkEaLAFU0VtbZ/BdEDYfqEPqK:fNwQhkEKAFUQfEgmK","tlshash":"76d18d36bf4280d183a993fe3078e4a07618a17b2e25ed61c55af11f79d485c33b3760","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.733568Z","times_seen":6,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/goltv.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/goltv.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5032\r\nlast-modified: Sun, 27 Oct 2024 07:36:04 GMT\r\netag: \"671ded64-13a8\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5032,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"14d358d49358319520ab2ce215c259de","sha1":"839fd45dae17ec4e3da1cb51f13cc466304bc808","sha256":"b99ed6798c00becdc01d912e56aaa75861bd62ea13592d7df6afa58f591dde2a","sha512":"b1061ebe61bf6f9d21aa294c33fa86ad3887708219253483cb08d025f40b8ef50f898aa4142591adaffa41f9deaaffb80cb8c046e563376f2a04b03da1aece2b","ssdeep":"96:Nz6YkIeNxdqlEm+liAaRbGUs45PrB/dD3BgqKaseV+Y:teIeNxsym+lijbGUs4rz6e","tlshash":"41a18d216f8756e9d18bea7790a44b0855f03f153f4a5d4cf8a1aec289f0ae627b3c01","first_seen":"2026-01-08T16:43:49.770894Z","last_seen":"2026-03-19T12:02:56.706793Z","times_seen":3,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/luxon/3.4.4/luxon.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/luxon/3.4.4/luxon.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 20501\r\ncf-ray: 9bad27393d4556be-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6551a710-5015\"\r\nlast-modified: Mon, 13 Nov 2023 04:33:20 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 4094759\r\nexpires: Tue, 29 Dec 2026 16:43:19 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=fFpksrLXOxQLewyx84w%2Bxys%2FzArUlAxwAlmmxYRDqaLZl8gkVvvE1kc1g6r47pkx7OBx0V44ijF0oon83l0OphayxMvSbhRkrEjWiIpD5bbqWH5bQgW6bdYU%2Ftn68vzoNP2xn5tD\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78220,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65440), with no line terminators","md5":"8bad1ebcf2d5b2ec062ae7e0f64f156a","sha1":"0c71cf565af67b3aa5885afc6a16b4ff051bac34","sha256":"ecd426d1b86f0c92a8b0bf1dfba6604a2d8bc59088700fd30f4f3b18b1013bd3","sha512":"7549522cb931b251882e13dd0a400bc24e2cccf869df199920a16d9540fe3bd2ec96ae35024b2676de4e1aaa68983a13e05b02507ef48d053c7b3647237bf545","ssdeep":"768:kC+Jvp/A10UsApZGGHR0bFglgLL2pVmCvdfH4dDnRXfEC2oHUE3rUbUr2hWp4:ghmsA/R0bF82wVmO9HiDR8venEgC","tlshash":"f973a5ca72c3b1500767a1e9442f2006f23e68aa588d491cf556e8d3bcb5d99923bf7c","first_seen":"2024-03-07T12:26:37Z","last_seen":"2026-04-10T03:16:59.637292Z","times_seen":246,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":19,"dns":1,"connect":3,"send":0,"wait":21,"receive":1,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/espn_4.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/espn_4.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5698\r\nlast-modified: Sun, 27 Oct 2024 07:13:42 GMT\r\netag: \"671de826-1642\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5698,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"78a73a8fd205aa497ad726fa6e5c358e","sha1":"02e9a6747cc05efe39b59457d279ce3fc8b72e5b","sha256":"0748c62c0ed005e3ff186c7c904969f3fbf7b35466863c97c3436f6b15a41e7f","sha512":"e864e97d6f917ca2682aee352e732864b1e97f8f2f913e6b195abedc994f71b05c35625a8996a3e1a0f330c067deee65176a47e3f6decb72fc064b4fe5f486a9","ssdeep":"96:ecxjQ3PtMEy91KfHZmeMQf784ZyaKRMqzfW3UwH061/BAjjT60G/2sXIoCGTNNG:eeQ/tMEy925mTU8HaKvHt6VuHToJI9K","tlshash":"2ec18cae5e4bb81af6200c784844936f808201a979ba7f03609a2f975dd9644f885ace","first_seen":"2026-01-08T16:43:49.775967Z","last_seen":"2026-03-19T12:02:56.710321Z","times_seen":3,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.golazoplay.com/uploads/espana_a8510f9b5f.png","fqdn":"img.golazoplay.com","domain":"golazoplay.com","tld":"com"},"ip":{"addr":"185.59.220.199","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:21.238Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.golazoplay.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 08 Jan 2026 03:06:43 GMT","end":"Wed, 08 Apr 2026 03:06:42 GMT"},"fingerprint":{"sha1":"04:37:E5:39:E5:F7:A4:6F:16:C3:49:96:92:0C:81:2F:E3:4D:BE:0B","sha256":"EE:37:43:96:54:B8:AE:B3:7D:47:2A:FD:7B:E6:47:0E:AF:4A:06:8C:75:0F:6E:CA:B0:A3:D3:35:D9:86:2D:66"}}},"request":{"raw":"GET /uploads/espana_a8510f9b5f.png HTTP/1.1\r\nHost: img.golazoplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 508\r\nserver: BunnyCDN-DE1-722\r\ncdn-pullzone: 3106733\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=14400\r\nlast-modified: Mon, 15 Jul 2024 06:01:43 GMT\r\ncontent-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-powered-by: Strapi \u003cstrapi.io\u003e\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1dUxcSAmmHwmrQUCnrFQBvHV71WvbX3wHIrAw8KKyz4SZHMbdpmrD8K4pzow0eOkMdsaT69%2Fu7qa8hAdK413LPEU%2FZJSuEqqV52g89Hmmm1tTzAf\"}]}\r\ncf-ray: 98bf20f4d8a6d294-FRA\r\ncdn-proxyver: 1.38\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 10/09/2025 16:07:03\r\ncdn-edgestorageid: 1054\r\ncdn-requestid: 92403937d9b38c2f3e4a8ec688ffd363\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]},{"name":"Strapi","description":"Strapi is an open-source headless CMS used for building fast and easily manageable APIs written in JavaScript.","website":"https://strapi.io","common_platform_enumeration":"","icon":"Strapi.svg","categories":["CMS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":508,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"3bcc0cbd91234c02788dadc1e25ff0ee","sha1":"c83c4bac0e5727be3a1b97924a6632d7f526ab21","sha256":"4e17f9bd9ff74de2fc4953bcdd751a067190bf8c7439338eadde723a05333adb","sha512":"da5a0f73d2fba8c83c63a8c871d3408189edf6ed67c726078e5c359f474fb02fc9b1df4db0d5e8928a1fd7ad869e36ff0a4d15ce151dcffd9c70f8c5c4d7c640","ssdeep":"","tlshash":"d9f005420304ddeff85aa0444ca10ea9da938e915e59ff9c4a105f254c411d8e788c9c","first_seen":"2024-08-20T05:47:49.286767Z","last_seen":"2026-01-31T20:42:10.372834Z","times_seen":9,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":109,"dns":43,"connect":24,"send":0,"wait":24,"receive":14,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.golazoplay.com/uploads/amistosos_bbe2ec4c17.png","fqdn":"img.golazoplay.com","domain":"golazoplay.com","tld":"com"},"ip":{"addr":"185.59.220.199","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:21.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.golazoplay.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 08 Jan 2026 03:06:43 GMT","end":"Wed, 08 Apr 2026 03:06:42 GMT"},"fingerprint":{"sha1":"04:37:E5:39:E5:F7:A4:6F:16:C3:49:96:92:0C:81:2F:E3:4D:BE:0B","sha256":"EE:37:43:96:54:B8:AE:B3:7D:47:2A:FD:7B:E6:47:0E:AF:4A:06:8C:75:0F:6E:CA:B0:A3:D3:35:D9:86:2D:66"}}},"request":{"raw":"GET /uploads/amistosos_bbe2ec4c17.png HTTP/1.1\r\nHost: img.golazoplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 919\r\nserver: BunnyCDN-DE1-722\r\ncdn-pullzone: 3106733\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=14400\r\nlast-modified: Mon, 15 Jul 2024 06:01:43 GMT\r\ncontent-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-powered-by: Strapi \u003cstrapi.io\u003e\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PzWcz%2FxdwtL8GVmCXpHyjwv5d4sdCn2AJ7Lg4dz%2BuxAXSK5ypbSneiH%2Fs1nq3lDpWc%2Fan4xx3rSsvwTnzCgwKahMRUBqiOpxhGT4UY%2FQLf6EXVsn\"}]}\r\ncf-ray: 9b82b4fdea7b929f-FRA\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 01/03/2026 13:05:19\r\ncdn-edgestorageid: 874\r\ncdn-requestid: 7bd2dc3980c0e0c521c18cd35795d3d6\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Strapi","description":"Strapi is an open-source headless CMS used for building fast and easily manageable APIs written in JavaScript.","website":"https://strapi.io","common_platform_enumeration":"","icon":"Strapi.svg","categories":["CMS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":919,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"0dee11c8ed44096fd284bb1123a122c7","sha1":"136e4a2a1b35759d4683317bee6908d2b6275af0","sha256":"8d30b3eafebf41a68db0797be743712457ed9c350d46bae76d346ef669bf3da2","sha512":"08475fd5020dcec5c6d763e8f36e9c25ed7d813ab699fb238ca3821afb19272c851316af18f4f49acdfde6f8c9b78d7f9871a1a189ca3bcccf76aef3d460a49e","ssdeep":"","tlshash":"691192daac197deed6f10e3000d695757832acf079b64d43d48aa51ce8023b1d80a3ab","first_seen":"2026-01-08T16:43:49.779541Z","last_seen":"2026-01-08T16:43:49.779541Z","times_seen":1,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":110,"dns":48,"connect":24,"send":0,"wait":38,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.golazoplay.com/uploads/amistoso_paises_b9febc0d3c.png","fqdn":"img.golazoplay.com","domain":"golazoplay.com","tld":"com"},"ip":{"addr":"185.59.220.199","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:21.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.golazoplay.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 08 Jan 2026 03:06:43 GMT","end":"Wed, 08 Apr 2026 03:06:42 GMT"},"fingerprint":{"sha1":"04:37:E5:39:E5:F7:A4:6F:16:C3:49:96:92:0C:81:2F:E3:4D:BE:0B","sha256":"EE:37:43:96:54:B8:AE:B3:7D:47:2A:FD:7B:E6:47:0E:AF:4A:06:8C:75:0F:6E:CA:B0:A3:D3:35:D9:86:2D:66"}}},"request":{"raw":"GET /uploads/amistoso_paises_b9febc0d3c.png HTTP/1.1\r\nHost: img.golazoplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 3946\r\nserver: BunnyCDN-DE1-722\r\ncdn-pullzone: 3106733\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=14400\r\nlast-modified: Mon, 15 Jul 2024 06:01:43 GMT\r\ncontent-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-powered-by: Strapi \u003cstrapi.io\u003e\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t%2B6utlyS1lhpaGgk%2BuQbtpYx8YuV2uV3pY48b41528mdAGnb0qUabduoR03zBXUlpiCXPKZBV%2FZF3FhCEr4Cx92B2vS0sOcJZQnCT7t38vDMMamt\"}]}\r\ncf-ray: 98bee8bcad43d395-FRA\r\ncdn-proxyver: 1.38\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 10/09/2025 15:28:40\r\ncdn-edgestorageid: 1333\r\ncdn-requestid: 4f65f724e45f8367a4fe940001a1e7e2\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]},{"name":"Strapi","description":"Strapi is an open-source headless CMS used for building fast and easily manageable APIs written in JavaScript.","website":"https://strapi.io","common_platform_enumeration":"","icon":"Strapi.svg","categories":["CMS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3946,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"46f7cab2805a0bb787ee756a36132876","sha1":"a7b10ec857a32484f98e73187ec97feb9a38947b","sha256":"99c43d79deaddc3a81704635b0d57c403c53e942203e9f648e7883adde7ff219","sha512":"c09aceca8da51a82ba2b58c37a082b2765f36123f02efd5da5f0b08fc5a4b6f56d0eb61493232823df40332fc5a60a8e654a66e25cd91948c01152168aeee024","ssdeep":"","tlshash":"90816c5b94b1fd91e2ce880b127e2d649f2f7cd36d3602801e27720d1e7189fa090761","first_seen":"2025-03-25T21:42:43.749808Z","last_seen":"2026-01-08T16:43:49.78141Z","times_seen":4,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":108,"dns":47,"connect":24,"send":0,"wait":37,"receive":2,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /ui/1.11.2/themes/smoothness/jquery-ui.css HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: text/css\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-898c\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\nage: 4159038\r\nx-served-by: cache-lga21964-LGA, cache-hel1410026-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 4, 2446\r\nx-timer: S1767890600.903689,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 8056\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":35212,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2363)","md5":"8eaed1cb6e4dc429e5d99740e55a3c84","sha1":"2a3842806f43bec328aff7b55031301bdee104cf","sha256":"95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012","sha512":"90bbf1f6bc03f08bf3b7c5b1359ef9b7fd243b1c0b47c7fb59d52d306b08c649b07e855eae6472797d8a039fd57d0fdd1463460d3a1c0d41485a1a850580b169","ssdeep":"192:vGO80QYpyirM2lr0sNJdBsUPSMfe3OnJ572hk/LQY+Bg3da5Y6BjSmMErEURHd0Q:6Ypyir4Oq2J1eQykeC5YE7zS25+as","tlshash":"a8f2eb316b433909ba0bd1a069911bf3e32e1342ee5b7d7e649a259cd3d94e080bf5b4","first_seen":"2023-03-14T08:16:27Z","last_seen":"2026-04-10T01:17:25.646619Z","times_seen":673,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":52,"dns":0,"connect":17,"send":0,"wait":38,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/tnt_sports.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/tnt_sports.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7454\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-1d1e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7454,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5e08e8010b32cce086aeff5085bd8d6f","sha1":"5cf229ecf7bf63258063fd6e3a2b6d653568cd1a","sha256":"06775a8cb71d63ff3ffbf6c20a52996ad7eaf733f7b4e1c69ff68e19a8b6b225","sha512":"833bbddb528e9ec2e1ed50b653005bd140c6e17307a16eaf509d31f89e4a666b5ae92ca24323a6260b7b34f94d322b58743026cde8e3982cdabe85117417f353","ssdeep":"192:jkewKS292QqfDO7B5KjyqR6RgRzeAfetXlSzKrX:jkeXPWijKebRmaAWtXl","tlshash":"e4f1afe35287b48ee22a39f1ab9d70406448ebd1096b16e71d613ce6f3a6c4c100df37","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-04-05T08:18:25.615875Z","times_seen":12,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/tailwindcss@2.2.19/dist/tailwind.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 2.2.19\r\nx-jsd-version-type: version\r\netag: W/\"2cc503-cyTPK4s7rX9aC3Y3NNaHIxjV1fQ\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\nage: 2718842\r\nx-served-by: cache-fra-etou8220049-FRA, cache-hel1410022-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 255702\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2934019,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"fd1515a3d70a9d3d1efe23553fb559ab","sha1":"56977de783ee69a0dbd14635c5a34fa3946b2252","sha256":"9209ca41f0f277ebe6b6e87354dc667081a638b83945f4531807bf06046227c7","sha512":"d3f9747c4e662b5dc6bf2e4e88b68425f82c89cc01c4a088574bcae8fa6c9896052b26355c2a1d93f4b6e8a5a4e589378f004c8d33299a0a53e0e5e63731c78b","ssdeep":"24576:TNmEvSBlsi1KhVzbweQgx+oaiM8eMkEcnxnF/DlZKmTKvxg4hahhDAeYYL24qC0s:TNmEvSBlsi1KhV6xnF/DlZKmTKvxg4hc","tlshash":"31255f3cabb1253baca7a1e9e145fdacd50762d8ed3005e7bc9221019be13f7c947264","first_seen":"2025-07-26T19:06:20.805876Z","last_seen":"2026-04-10T10:10:51.626374Z","times_seen":3028,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":58,"dns":1,"connect":33,"send":0,"wait":27,"receive":84,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/espn_5.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/espn_5.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7252\r\nlast-modified: Sun, 27 Oct 2024 07:13:42 GMT\r\netag: \"671de826-1c54\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7252,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5125cf24cc41f6dd5ea50efa7b95380c","sha1":"672a477e9405665e60af735138320869adefa71f","sha256":"7cf74e37e6b68cab6f98399ea77d35ed7049c9167e6066383cb1d4bf3b7e60ce","sha512":"8909735dd5f4d99fcfb65db40b911c90a3f9a8310e3e324a2577f25c8864aeb4eb3794319c2b0beb0f0e6642e0362b57a3b90e9b7083e64ed092130f9e6cf3a8","ssdeep":"192:R5G6RJqijo49ffoKDoUY1QukCXltO7PFJ9YXIqodXLvsIl4:DbIijhoIo51Quh1g7D9YXIq4LvsU","tlshash":"dae1bfeb6f11f0dfb03520be377f586671423e6ad4de50a5430111b3220584ab5dd9b2","first_seen":"2026-01-08T16:43:49.785933Z","last_seen":"2026-03-19T12:02:56.741476Z","times_seen":3,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.golazoplay.com/uploads/inglaterra_823176495f.png","fqdn":"img.golazoplay.com","domain":"golazoplay.com","tld":"com"},"ip":{"addr":"185.59.220.199","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:21.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.golazoplay.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 08 Jan 2026 03:06:43 GMT","end":"Wed, 08 Apr 2026 03:06:42 GMT"},"fingerprint":{"sha1":"04:37:E5:39:E5:F7:A4:6F:16:C3:49:96:92:0C:81:2F:E3:4D:BE:0B","sha256":"EE:37:43:96:54:B8:AE:B3:7D:47:2A:FD:7B:E6:47:0E:AF:4A:06:8C:75:0F:6E:CA:B0:A3:D3:35:D9:86:2D:66"}}},"request":{"raw":"GET /uploads/inglaterra_823176495f.png HTTP/1.1\r\nHost: img.golazoplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 533\r\nserver: BunnyCDN-DE1-722\r\ncdn-pullzone: 3106733\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=14400\r\nlast-modified: Mon, 15 Jul 2024 06:01:43 GMT\r\ncontent-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-powered-by: Strapi \u003cstrapi.io\u003e\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wNH89pp6zU9NzemlZcQ%2F45%2FY6M5u%2BE1MHkYvCNgOl0EUcFrx1aIPpHZB1ofgGSmy%2FcZwdKul10%2B8ktYpTS1we7jsv%2BgHbvW8kI0n5kY5rqnXEkNJ\"}]}\r\ncf-ray: 98bf81692de1d2e3-FRA\r\ncdn-proxyver: 1.38\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 10/09/2025 17:12:54\r\ncdn-edgestorageid: 752\r\ncdn-requestid: f2fcefb21571a42048183bfe6c19e592\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]},{"name":"Strapi","description":"Strapi is an open-source headless CMS used for building fast and easily manageable APIs written in JavaScript.","website":"https://strapi.io","common_platform_enumeration":"","icon":"Strapi.svg","categories":["CMS"]}],"data":{"size":533,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2f73e146d75cd91a1fe468fe75fc0fa7","sha1":"5388bf704306482dbf9ad2de15980d8195dd58f7","sha256":"5dd0513ea6d290944272ed005c7aa2d2e1b4d921cf7a629aee23e7a37c527042","sha512":"1b1d44026f0c83386671455051564f96b2b9323f189c2c392f1cd925c15fbf76868cd76491afb9db3bbe04b6db25a2c2dcc2f3380aa6f255734ccdc56cba142b","ssdeep":"","tlshash":"e4f0204927401bd8c23f67b3394cb8733b0400a113194d4e11b9f7815e4e668aee0150","first_seen":"2024-08-20T05:47:49.304432Z","last_seen":"2026-01-31T20:42:10.372296Z","times_seen":12,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":108,"dns":44,"connect":24,"send":0,"wait":24,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.7.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-155ed\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\nage: 3123791\r\nx-served-by: cache-lga21978-LGA, cache-hel1410026-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 27, 156775\r\nx-timer: S1767890600.911116,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30336\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87533,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-10T13:48:06.497221Z","times_seen":138511,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":56,"dns":4,"connect":15,"send":0,"wait":31,"receive":1,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/ui/1.11.2/jquery-ui.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /ui/1.11.2/jquery-ui.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-7296c\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\nage: 1840742\r\nx-served-by: cache-lga21920-LGA, cache-hel1410026-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 2557, 2043\r\nx-timer: S1767890600.898619,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 113672\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":469356,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (547)","md5":"b5f3656496ccb995aacdccc0e91437c2","sha1":"4e6a74f1dd52f0b7aa4d9777426adecf8d9377fd","sha256":"26e1b509ca17a756db87864840e31a1a7caa2ce9164aa2fff2c61284c582c0c2","sha512":"5758630739f8ec91c2df4f0ac6bfe5dd64b87f5d1594eb1b5828274e2a0d2f422377c84e850a04467b8f40c6c7ec6e4b76b5314dfb9766892bb7ed896f3beed6","ssdeep":"6144:gp8S62GdgXMujWWUl/plq/pfldEld1HmcI4BniKY7IXtu255W5ZbHrbTi5J4hjY/:RljHmcI4R5W5FHr6HuJsNEjhBnY","tlshash":"0aa4a689f39c266a857a325d5c2e41ce723c8076d60158bfbc5c59dc29e883c42bbf79","first_seen":"2023-03-07T12:02:00Z","last_seen":"2026-04-10T00:46:25.306068Z","times_seen":712,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":38,"dns":1,"connect":18,"send":0,"wait":14,"receive":29,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/fox_sports_3.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/fox_sports_3.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7556\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-1d84\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7556,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d3b4fd03d5c4a7599101fbfb8490c871","sha1":"12f08638195720cce9016a6ab24a7cb92a9ff009","sha256":"52f9aff5a4abc2098aa161efe3bb6497eb626a156ee105ca3ace5749d9e76381","sha512":"f5e47a4f8693ec6ad9fa9c68213f9a380959d42131a7319dd34bce2e920942c9b3e4028d35afbe2bb204515c59a2eddf04eb7e08cc8b3e5df1d8e636c784e906","ssdeep":"96:sJqNcY+Ouw39LpGviztBdGeyJp/ZoZ50z2sZcgYFqmnVstM70NR1dL00KjCdRLSE:Hnuwxzi1CZ42qWUeVsaQdLXLMsEHr","tlshash":"adf19e94133fdae6c68be5baa2c9cfcf2b44040186c44a6a7b45da5e697405037c4bb9","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.739754Z","times_seen":7,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/fox_deportes.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/fox_deportes.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3500\r\nlast-modified: Sun, 27 Oct 2024 08:41:46 GMT\r\netag: \"671dfcca-dac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3500,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b8a7a18e2c09cc658cce29edc0b0d9af","sha1":"74167ed47928cda13248835e553b0eceedddef4e","sha256":"a00310edc863a4a68e6c5e4d40012cb4d86a462af42ae29159edda87b4002b03","sha512":"05b9ac4baaff8d5e4d4cff78bd83e2e929665b0e8364bbf011beed4f967f59e3fa04ff90f59b0c0ccde66764772d93cbc47b66113c7e6b95f83a93a1d73eb106","ssdeep":"","tlshash":"257129458f8a760ce67aed7f50eb437e2c327bf09756ce614c108ba036b2e542d99848","first_seen":"2026-01-08T16:43:49.792752Z","last_seen":"2026-03-19T12:02:56.69653Z","times_seen":3,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/espn.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/espn.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4046\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-fce\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4046,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"370aa5c0039ebc13f592c3b57636afcc","sha1":"bc15615efe6268d8de6a183c6cf036be59f383d6","sha256":"8d92bc29d09023ade679faf0d06f739e9787343c6ef6ee90fccee0e419fd5699","sha512":"a71ac8cdaffc6cb3b7062fffd983eff0d1074f6420c1f55bdb03b9da8d55272e5b6aec98426cb0504cbb86d087fac40494028e4fbe71ac88cdf0ce477897b17f","ssdeep":"","tlshash":"60818e91d0c63214caea0fff68c30e8f5aa59c432c4ca54f46a6219f4a857dd7d0252b","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.73216Z","times_seen":9,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/font/galano.otf","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:20.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/font/galano.otf HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/assets/css/main.css?v=1.07\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:20 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 94152\r\nlast-modified: Sun, 20 Oct 2024 02:27:18 GMT\r\netag: \"67146a86-16fc8\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":94152,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"95c3c487bc3d2595875bb006c1cad86c","sha1":"70e059e2c69649df67e36359e878e1ee803484c6","sha256":"555a475c235d43f99ddac25cb935e289d34f2c3b9cc6bef436de0cdcd8291413","sha512":"d820147fb39a30daf7b8bf3883cdc69527dfee3cf7bcb7f5bb4cf3e7769953c133864eb040b787345c5de98e2a1d75cf51e8ccc9be79a43c7598a9b7c0ba3fbb","ssdeep":"1536:JO3DXuGmBkl/1KWA03wtaPfgUApcYVhkscEb5ILec06udci2lVOPUedXZLion2ZV:smSB1KWAVaAbcEFPnJcUpLJ2Z//fG81D","tlshash":"279370036e4ab514cdd4413a91ee8fa30fb39ecd4c18538756d22e828ffde6197252ad","first_seen":"2025-11-02T22:07:38.861161Z","last_seen":"2026-04-07T20:00:22.821725Z","times_seen":7,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":83,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/moment.js/2.30.1/moment-with-locales.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/moment.js/2.30.1/moment-with-locales.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 60080\r\ncf-ray: 9bad27393d4a56be-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"658d7934-eab0\"\r\nlast-modified: Thu, 28 Dec 2023 13:33:40 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 6779230\r\nexpires: Tue, 29 Dec 2026 16:43:19 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=GZnNF1eymzK%2FX9fzCbDhKKNs%2BDD7L6F%2BYA7%2Bu8uSNjg05SO08xt74nRxcMRRzo4BAYx8l4FkBgrebchDxEon1%2FL9gmUFvSFOVW%2BIxhRloPdQdlkAQxeVfK67u2etAVLhF%2F57wlwk\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":375055,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"ef33ee2255d562260ac4adcabf2c768c","sha1":"dd1c67b36c800c00b7901f17af6200b26f2bb42c","sha256":"69ad644b0ab4b3c39486a909655430e53a3436ef05b207b127e74da669d97325","sha512":"e05d5cc5874c8805bdf28a2648b6b2804c260a720fdfca5be0ac7bd32418a91c0b542b370db46e99f06af364f4f20ff82c9fec99b14616999e165420a0371c82","ssdeep":"6144:Jfftar0AZAhVuh8BGhrDs3/A93TSZWkcSO2dpOamL5ItDxWzWY9lei+zSkWOKDBz:NYAhVuh8BGB8/k3TSZWkcSO2dpOtL5Ii","tlshash":"d284c8cf63e66a8e0a146116cc3dad0d284d0e81d079d735ffb65287f51ce2846babb1","first_seen":"2024-01-26T16:51:09Z","last_seen":"2026-04-10T03:02:06.889736Z","times_seen":995,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":26,"dns":3,"connect":6,"send":0,"wait":17,"receive":2,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/dsports_plus.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/dsports_plus.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8394\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-20ca\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8394,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a3c8716eff0c74a1063bc00b90f4b75a","sha1":"3c8d0b4ef1625949a53c363164b15adece3533e3","sha256":"9ffd0c1558d3bfd8f71ca69bfcb536a77263655e51cc7098292dca6ba2ec2edc","sha512":"bdb4dbf0872097a6a3533a5c925af7b613eb39080c69b7adf59dff49271a6b46cdd188774952da664878235369dab316ca3fc615620d7410500f17b040a9a9be","ssdeep":"192:ySLguO0kIO0C9tPH7nVSdCvZe/SqoXdmDHM2Qzi:ySLg5CXCbVRdmDHM2Q2","tlshash":"6a02a0fc8130d213e4ea1e3ad4d944c3aa50e7b192c4588d42bcc55a58e44fed8dde9f","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.682542Z","times_seen":7,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/espn_3.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/espn_3.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5924\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-1724\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5924,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"48964783e8818b3103ccc8851b9f2739","sha1":"9b15a501b9a8f3b24d3470c684d92ad21cd3dbdf","sha256":"2543ba4a5d8c5f7c9801626cffde1529d501f3340713545f36bd0ef2ed0c39a1","sha512":"816e4cd10e257dbdc213b92457dd633980c9ac109aafd37b6ae0952d8fe0c8c197e9851a858a0924f6c556bf5b59cd60cd2ff69b1622e45077e7f7b8d82b5e99","ssdeep":"96:sY+JG3W/EaqUjl15Tsw+nc+UTt233DvaFzeP/GyezPkaTFEx90YzwHU6BQHwa7aU:sYQG3W/EMjZH+ncbTt2n7Q6P/G/gaSN3","tlshash":"b0c17e46a9e94ff0fa971dfdf7eaa6b752ae02d43a4066105450a85a0178308837e899","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.681629Z","times_seen":7,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/fox_sports_1.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/fox_sports_1.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7284\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-1c74\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7284,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"12a550248f0efe8e3b8d7c027466ac8f","sha1":"a346910cb6d9d716275f40ff3d09b2e33bd255f5","sha256":"a845390116cd2a3f8e2b51b4a0ce683bc40b6bda7cc487c5106bbfa93f5854eb","sha512":"0ebc45709a089f076f36fd1a433df77a293d7f76a4020579bbd830ff9d2a88bfd9b016c08beff80e3c43fadec21aa72d957180a29f48756383d5ee71de46e5af","ssdeep":"192:H9w1OraCzYlmjjPs0ViXad5CIxHmRQO5:H9zJUmPP+Xad1xGRQe","tlshash":"50e1af705a020e4cd7c7e9380fd130e5134a6f7e55a76eeb0855189163b961be49f705","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.691687Z","times_seen":8,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"golazoplay.com/agenda.json","fqdn":"golazoplay.com","domain":"golazoplay.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:20.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"golazoplay.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 02:27:32 GMT","end":"Sun, 08 Mar 2026 03:24:59 GMT"},"fingerprint":{"sha1":"5C:E7:DB:23:FA:5A:8C:22:21:BC:7F:D2:B2:FB:0A:FA:B5:A5:5E:6C","sha256":"A4:6F:FB:4A:5C:01:41:87:11:4A:FA:C2:C8:C0:E8:CA:37:40:2E:97:A1:78:82:D7:72:AD:B3:AD:16:FC:58:7E"}}},"request":{"raw":"GET /agenda.json HTTP/1.1\r\nHost: golazoplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rojadirectafhd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:21 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Thu, 08 Jan 2026 13:05:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"695fab7e-6254\"\r\nset-cookie: SITE_TOTAL_ID=eadcf0776e4be3cc9e5cc60d9ed1f190; Path=/; Max-Age=259200000; HttpOnly\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Origin, Content-Type, Accept, Authorization\r\naccess-control-max-age: 3600\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fa9GxJLTdsUPzUWk3I3U%2F8jlzoiAHW%2F0AkIXFL9p1wB1a4RHWIoYgJvj7A6UTaR0NpKFWvKgh1DJQGeVBfXqBadA9226B2%2B4yimwgg%3D%3D\"}]}\r\ncf-ray: 9bad273f9fbcb4f1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25172,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b486a05f2f49858c27da3cc239253971","sha1":"11135c05a19ef00b3fb8f492c4df868c61b1a913","sha256":"f91239d4c2036e63faa26251c5ff55a3ec174bd3ebe1505d6b41d35a429d3f0f","sha512":"6eb322ccf0e5f2e9d70a28bc210e1073838029fd7f64ced0b35c63001e6b8724934f76bbe7890ef433e190f3abf82bb989ac9b5d42c4cb8dbd17bd46ef4dd00f","ssdeep":"192:peSrnLyX16SCyiSCC6xXLyb1gSCyiSChyw18WPSCyiSCLfL46Lyb1gSCyiSCepmb:PY1hz1A18Wch1x1f1BP1v0v","tlshash":"a4b22239d4700da75d96a0ad6cfc1682b62082076d543da47f9c998c8f0c92e59ff3be","first_seen":"2026-01-08T16:43:49.809686Z","last_seen":"2026-01-08T16:43:49.809686Z","times_seen":1,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":52,"dns":36,"connect":1,"send":0,"wait":132,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.golazoplay.com/uploads/francia_e9d1a8ab33.png","fqdn":"img.golazoplay.com","domain":"golazoplay.com","tld":"com"},"ip":{"addr":"185.59.220.199","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:21.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.golazoplay.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 08 Jan 2026 03:06:43 GMT","end":"Wed, 08 Apr 2026 03:06:42 GMT"},"fingerprint":{"sha1":"04:37:E5:39:E5:F7:A4:6F:16:C3:49:96:92:0C:81:2F:E3:4D:BE:0B","sha256":"EE:37:43:96:54:B8:AE:B3:7D:47:2A:FD:7B:E6:47:0E:AF:4A:06:8C:75:0F:6E:CA:B0:A3:D3:35:D9:86:2D:66"}}},"request":{"raw":"GET /uploads/francia_e9d1a8ab33.png HTTP/1.1\r\nHost: img.golazoplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 579\r\nserver: BunnyCDN-DE1-722\r\ncdn-pullzone: 3106733\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=14400\r\nlast-modified: Mon, 15 Jul 2024 06:01:43 GMT\r\ncontent-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-powered-by: Strapi \u003cstrapi.io\u003e\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1Nehv%2BjNldUTJxW9lBZCA6SLGqLLHJrCX3ZO%2BmQjYkCwEuUP9GovU2KKq33IKgIrIA37GtMPwAJCTSP5L7wbGbDaqS7YtJfZ6P08PKoFexPVhUTC\"}]}\r\ncf-ray: 98c080ccce3d9259-FRA\r\ncdn-proxyver: 1.38\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 10/09/2025 20:07:14\r\ncdn-edgestorageid: 1047\r\ncdn-requestid: 14a2afff8f06d2d23415cad1535a4c9c\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Strapi","description":"Strapi is an open-source headless CMS used for building fast and easily manageable APIs written in JavaScript.","website":"https://strapi.io","common_platform_enumeration":"","icon":"Strapi.svg","categories":["CMS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":579,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"e6a52bdf34824c534c442b2d00b43982","sha1":"23a9355a1b3d7533d838794564c20c26f75c1f7b","sha256":"f1efa8e7e7e1e5fec53d6d750414ad61fd22009a2a5da9c1117f64e5e294ca7e","sha512":"77bfbb394fea88b6f45989440ad4bfe96137e7fa1bd25f12925e9574c308bdefb8a780da71e7754dcee44c39d33f2d018c3379a5c8a06e82016de7e3e700b705","ssdeep":"","tlshash":"9cf041a17720849cd60f6952aab81570c8631bddaae1d99e063cc93084414cd0ac5bf9","first_seen":"2024-08-20T05:47:49.334845Z","last_seen":"2026-01-31T20:42:10.380492Z","times_seen":8,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":109,"dns":48,"connect":22,"send":0,"wait":24,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/espn_7.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/espn_7.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6980\r\nlast-modified: Sun, 27 Oct 2024 07:13:40 GMT\r\netag: \"671de824-1b44\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6980,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"af9fa6b3ed009a9062193c0a1b7bc387","sha1":"be76880a3171335fda5c88c2cc7549bf059d4ce5","sha256":"145f80fb621e2d155d6b7af904c6dd91468b962217393950ac8e7a35f46adc9c","sha512":"f605cc6389b960d10f9f4bad95b713bbc2d2d1724e77b9c32d99ee57469bb8737f46827f09908d52d24ea5fefdbfa0d29bdb4f3de6a0fb545facd74ea07f4015","ssdeep":"192:fdaUaG8qvuLruii2fGBGtG4osvbPzyamgKeWAm:fdaUCLruD2fGEk4PzNmfeW5","tlshash":"7fe1af85b78491c8cc0677b7f038a12fd7778a782c556dd951a106dc48bdb1ce24bd2c","first_seen":"2026-01-08T16:43:49.817187Z","last_seen":"2026-03-19T12:02:56.745921Z","times_seen":3,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/gol_peru.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/gol_peru.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 14730\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-398a\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14730,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"03057f3f6a1df9824cbee19b0cbddb5a","sha1":"92906820aee3124598c6208712a54141130b31db","sha256":"247a6c9c4a3482aef13c82d3dcf42db9ec912b7316c522a0008abe86cbb5357c","sha512":"8b53b5621e8f9beccd14488958b6d7cd6f0f21bea357cae8b6c9cb83178b884accef7c36bff8533e6cfcc66f18b09e8d9286cd642488e34ca192491bab694adc","ssdeep":"384:QEoNbRY7rrpXA7ZTIQ4sOrr/Flu0iOvVEG1rEfYj:QEoNbRY7rduZ7cLZKG1Pj","tlshash":"ca62d092e2603b31d62dd0773c302be2a5eb4f2a105018a39bef55d3d0b47bcb915d4a","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.746892Z","times_seen":7,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/win_sports_plus.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/win_sports_plus.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8404\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-20d4\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8404,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8c9ec897c485f0f594b065701332b951","sha1":"ffbdab1bb6fb0bbd4336a1d9e8f11272d0ce7f31","sha256":"6e2912f596bc07b206505cf9c0f7a0e9a38bebfa4ace5eab6b1f7b7c2e4189c4","sha512":"ba6b1837740c17c45da74e325905e32dc1e42c8a0edf984e6dc5aadfae4eb6ba14fa3c408cd2038277a4fde42b60d3fdd5c0f87864a2ad25e047f51e20cded49","ssdeep":"192:ZRJvgyFvBvaZTNDAVLyZPxJrt/yk+3x6cJRm+mzsdhP:HOyFZCxNlJRK93x6c7Rd","tlshash":"4602ae340a5fb01af1ad9a32b563ecc582a94427a642177022f8aa3fccf850f7442b0d","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.699181Z","times_seen":8,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bvtpk.com/tag.min.js","fqdn":"bvtpk.com","domain":"bvtpk.com","tld":"com"},"ip":{"addr":"172.67.154.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:20.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bvtpk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 22:37:34 GMT","end":"Sun, 05 Apr 2026 23:35:09 GMT"},"fingerprint":{"sha1":"C1:64:B6:05:30:A1:53:22:BB:A0:B6:3D:F9:D8:D9:B0:2E:C7:A1:FA","sha256":"01:74:87:98:66:71:39:F9:50:45:1E:79:11:EB:1F:88:31:80:B8:EA:9A:4E:59:F7:9F:EF:6E:DB:7C:F0:BC:1D"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: bvtpk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-trace-id: 48ef38154ac332d60ae2052227d08406\r\ncache-control: public, max-age=600, s-maxage=1800\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 1253\r\ncf-cache-status: HIT\r\nlast-modified: Thu, 08 Jan 2026 16:22:27 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qa7GC%2FwJqjH3Yz89dbLxOYp5jTMTsxDnvRHS3wEMnbYHz6%2BZ4%2BMdfmgdKgyHjt6yfN6J8twi8DslQ0UXluovySC39f64tkSgKA%3D%3D\"}]}\r\ncf-ray: 9bad273edd10c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":112428,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e6d6961a593f4e7a9ecf0c2f28995e98","sha1":"d4887fb8ab79c2faff240f5a8b4d1725602bf9a2","sha256":"a8937f926fb8e2eeef0c53a3069d6aca20636c0b70b9590e2d92ef8c6f8a310b","sha512":"2940632d8730ffe0387bb224c8e87f92638c3a2d535be4521fb57471cf75586a314364af5a49e66120fca814557c186b972e52ba63463a13c379f5941dcaee6f","ssdeep":"3072:tXki1TG8YlAVRzIqwL76WJHpYx8K/MVzUL:6WTGvlVqw5JJSQza","tlshash":"6db3295673a277d21a6e60d42d57d60573fd8c80488f8867e3c8787972d081cd3abbea","first_seen":"2026-01-08T10:53:12.921125Z","last_seen":"2026-01-13T12:31:03.505793Z","times_seen":139,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":55,"dns":34,"connect":1,"send":0,"wait":5,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"bvtpk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-08T16:43:19.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: text/html\r\ncontent-length: 36166\r\nlast-modified: Sun, 28 Dec 2025 09:53:18 GMT\r\netag: \"6950fe0e-8d46\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Moment.js","description":"Moment.js is a free and open-source JavaScript library that removes the need to use the native JavaScript Date object directly.","website":"https://momentjs.com","common_platform_enumeration":"cpe:2.3:a:momentjs:moment:*:*:*:*:*:*:*:*","icon":"Moment.js.svg","categories":["JavaScript libraries"]},{"name":"jQuery UI:1.11.2","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36166,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (478), with CRLF line terminators","md5":"b61aaf0ff1b121ffe32a212da41469be","sha1":"f58244ddcf4bf22d3eed4d630c4c05af8d4aa6ee","sha256":"550a44b98a91006f24e1b2427759dd9b61c3a5d8ed3f19796e886acefeeae7bf","sha512":"8e88f88e54d28e67cfdca9d4d5b302354319d5fc70e53c093b146491cbb53b6f1709d1acda8548519d9e6930077d66f6fe1d7abf2522a65800b237da15a71018","ssdeep":"192:OWWzRXuVQywB7wAhplrFPVDxNllw58WcBCyJ1FY1rnu6w994rHZSFvpIARMoZ+U:r6RXuVQywCWlUnh/MLIxU","tlshash":"76f2d06920c40d6b273382b61131aefdfe9483b7c94b5999f07d276b2ff1d148a87066","first_seen":"2026-01-08T16:43:49.826263Z","last_seen":"2026-01-13T13:15:48.941012Z","times_seen":2,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":107,"dns":19,"connect":40,"send":0,"wait":39,"receive":41,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/css/main.css?v=1.07","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/css/main.css?v=1.07 HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: text/css\r\ncontent-length: 1941\r\nlast-modified: Mon, 28 Oct 2024 07:18:38 GMT\r\netag: \"671f3ace-795\"\r\nexpires: Fri, 09 Jan 2026 04:43:19 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1941,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"03fe102cfc8b3c8e29514e122e8c2bd1","sha1":"d045a7b1f670f78cc104cf502673335e8dd10abc","sha256":"2300666d846326496da5b6884121b901353790d447e9bee0da543c3a29b8447b","sha512":"e3db9fa6c179b28cdcfec3b80dfabd0492fe883d4c0dc557c12163b0b280604189feda2a7916f7c381f783cccd7357982d4ba2e2fc81d1717180b1212fd4c86f","ssdeep":"","tlshash":"4241ce554ae31450b49be15c6f3b8668238ac003d30fcd69be9cb348ef991e645a2b8d","first_seen":"2025-11-02T22:07:38.870672Z","last_seen":"2026-03-19T12:02:56.714072Z","times_seen":5,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/js/main.js?v=1.5","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/js/main.js?v=1.5 HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 5060\r\nlast-modified: Tue, 25 Nov 2025 08:15:12 GMT\r\netag: \"69256590-13c4\"\r\nexpires: Fri, 09 Jan 2026 04:43:19 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5060,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"44cc44c5079ae7a3520d24c3011422b9","sha1":"c2c8c9340a8596874097ace6186fd9c90ee8b21a","sha256":"e9a3ec0fe20f54b9f8223636ff7acd233f37f4e6cd41a3edc4a1b5b860198de0","sha512":"f75fb28bc7ef6c30f56d922f1890b75b3d0205381c455d219ce149ead1a4fc66e7d20fe857f22f4671130a6c9508f9f25d33010c1c922ae53e8971ca69497bd8","ssdeep":"96:hXKyjP8+jippUD3WyXE1MMfLpweoicOl3hJUEfg2S:ha6k++U75vgc2U7V","tlshash":"83a163a8f9e311b30d337198aa8f60057494f11f2145ce487d9cc6825f88f6aa1f76ee","first_seen":"2026-01-08T16:43:49.829988Z","last_seen":"2026-01-13T13:15:48.937049Z","times_seen":2,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/img/roja.png?v=1.2","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:21.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /img/roja.png?v=1.2 HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 52492\r\nlast-modified: Thu, 24 Oct 2024 11:02:52 GMT\r\netag: \"671a295c-cd0c\"\r\nexpires: Sat, 07 Feb 2026 16:43:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52492,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2007:11:03 11:44:37], baseline, precision 8, 129x130, components 3","md5":"8a8f339533296a3d0d3bc11c7d6c09a4","sha1":"a03ba11d0191dfed09b334a67162edede587acab","sha256":"f212887cbe167350ee09abbf4eac6629b7211f95010da2757deffb8aa0152a69","sha512":"527af5fd4b1076b89270037837687b6719e5dc2e829c7895dd77ef0d5295cdfbd66a5d2f6eb3525c7765f89c4f2ac832698ebd672259105e4a6ff911cc509b91","ssdeep":"768:MJcEoycEodC4YyALJ3X5EyxdG9iBLxrwEJ7:GoyodtiJHaSG9ASU","tlshash":"c133d1244a53ff12f4da8ab898d6e348b611ae1769736d41f5ae38073f217810d9f10e","first_seen":"2023-05-22T05:25:42Z","last_seen":"2026-04-07T20:00:22.78404Z","times_seen":27,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":41,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.golazoplay.com/uploads/italia_cb19445d70.png","fqdn":"img.golazoplay.com","domain":"golazoplay.com","tld":"com"},"ip":{"addr":"185.59.220.199","port":443,"asn":60068,"as":"Datacamp Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:21.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.golazoplay.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 08 Jan 2026 03:06:43 GMT","end":"Wed, 08 Apr 2026 03:06:42 GMT"},"fingerprint":{"sha1":"04:37:E5:39:E5:F7:A4:6F:16:C3:49:96:92:0C:81:2F:E3:4D:BE:0B","sha256":"EE:37:43:96:54:B8:AE:B3:7D:47:2A:FD:7B:E6:47:0E:AF:4A:06:8C:75:0F:6E:CA:B0:A3:D3:35:D9:86:2D:66"}}},"request":{"raw":"GET /uploads/italia_cb19445d70.png HTTP/1.1\r\nHost: img.golazoplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 641\r\nserver: BunnyCDN-DE1-722\r\ncdn-pullzone: 3106733\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=14400\r\nlast-modified: Mon, 15 Jul 2024 06:01:43 GMT\r\ncontent-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-powered-by: Strapi \u003cstrapi.io\u003e\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7ud576xXZzaUeAstLZWUYTP%2Bzc%2Bvg6Cd2C7CJ5jQYzBvDSmH5gCTTTbMXV6L8%2FZFB5d%2Fb%2BnVUhT1ZfM5LrIky9kchqIqhkPFu%2Fcw5lnVqdQ4Fu0D\"}]}\r\ncf-ray: 98befecd3a84d233-FRA\r\ncdn-proxyver: 1.38\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 10/09/2025 15:43:44\r\ncdn-edgestorageid: 1334\r\ncdn-requestid: 772b639ccbaff7bd2ec972d2a1726a7a\r\ncdn-cache: HIT\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]},{"name":"Strapi","description":"Strapi is an open-source headless CMS used for building fast and easily manageable APIs written in JavaScript.","website":"https://strapi.io","common_platform_enumeration":"","icon":"Strapi.svg","categories":["CMS"]}],"data":{"size":641,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"970d23aa7c2c93bacccc69c1b57708ff","sha1":"42669aba990fbcf771423b1de699c3536195257b","sha256":"0cbadae2d5d58728bae1eb2260fbf89525f993cead22759d64853e9a9fc875af","sha512":"311376750ddfac1b40eaf27dcc29a5e1861723cc65716104fb191f40138c761e123ea95aeae4facc7cd7a3ae38f320a4d1b1ccccf23f72a703800d937330c139","ssdeep":"","tlshash":"4cf002c7b35198f6c1190cb1399129859f6369453789ff5e003ac25d0a1cbac3d08d39","first_seen":"2024-08-20T05:47:49.299904Z","last_seen":"2026-01-31T20:42:10.387968Z","times_seen":7,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":111,"dns":50,"connect":22,"send":0,"wait":24,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"b7510.com/5/9814505/?oo=1\u0026js_build=iclick-v1.1671.0\u0026userId=0802b8c6d575400ceace67fc555bc648\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0","fqdn":"b7510.com","domain":"b7510.com","tld":"com"},"ip":{"addr":"139.45.197.115","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:21.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"b7510.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Oct 2025 05:16:54 GMT","end":"Mon, 19 Jan 2026 05:16:53 GMT"},"fingerprint":{"sha1":"D4:41:24:3C:CF:C7:8C:56:F0:95:50:DF:63:59:AA:07:08:41:B7:48","sha256":"DF:09:31:9E:FB:30:04:94:33:7D:77:61:1E:14:8B:26:7D:32:A7:F7:3C:CC:ED:BD:06:FE:FC:B9:E7:52:70:5E"}}},"request":{"raw":"POST /5/9814505/?oo=1\u0026js_build=iclick-v1.1671.0\u0026userId=0802b8c6d575400ceace67fc555bc648\u0026dmn=bvtpk.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: b7510.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 3383\r\nOrigin: https://rojadirectafhd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":3383,"data":"{\"sync\":\"TBtSUh8cJhwUBWcfHEsSAwEFUA5MXwMBbAIlKz9KWUBcHAtKQ1AVSQZbGgxbGwkFVkYLASoQTktDCFFfQkkARB5PDQ0AGlgQAwdXWAlFW04WNRkDLUMHGmhOWl4lEwE3AhtnAAFmFgwNNAFVBjJEUWxFDTsKCQI9Wx4mWglIVFpeFhoeaF1WQh8HDQ0RQAJZVRsLGRsKUA5eQRVXQ2kKAFtSQU4aARBVQ1BfXl4WGwRTGwkGVkYdGhNAAllVGxEGTFFDGEwDUBsJBlZGDRJXWAlFW1cDSFRbXhYADEcbCQdWRgkcV1gIRVtcFwsCSUgFQk9fWhEMSkhbDBhAAllVGxMeGklIBEJPVFFsWRgOW1JFThoHDmYWDkxRQhhMAkRaQ0NYXkhEVwpRDR1cD0hUW14WDQVoVlFcJQ0XDBAaGlNJFUMdBwUtXwsURGZfUxQDDQBXWAlFW1oOBgEZLVALHUNREQxKSFseEAxcBgsbW1tCSRVVAwhHWFdFWF5JRFcMVDYXVRJIVFteFg0CW1ZBaR0FFB0BQAJaVRsRDAJJSARCT1RKWhRAVFVKFg5MS0MJTUgEGAIWVF0bG0NYDkZDWllASAcLWkNQX0dQRAIMQ19cRBc7HQ0BB1sdFktDUFhHUFoLHhUDAQMHSFsaHEACSxVVFwceAgJRTEEVS0UUQEY0DQYDGkVbSxEaTFFBGEwZTVYRDEpIWx8CQAJYSwFRRkwcGhZUXAcLBxpYExAfV1gJW0EJTUgZAhoWVFwHCwcaWBMBSk9SFEsOQENQXkdQXRZPDQkfFA0CGkpPUxRLClgJSFRaQgZaQRVKWxRAVUlaQU4aGg4bW1tcU0IYTB5WThEMS1ZBWFlATBomXQQeCwgGUQpPDQkfFBAXDAlXWBokFkMIBgIKXQFAXRcRZF8UABYfBkJ2PVkIUUReUFJjBwMBDQgWAlJNU1UQTlNIClVEXkJScwsOXFYcBEpVSVhEUglJP1ATDwgEChtfXgMXAxRWRhcYV1gJRVtJBUhUSRtaGghFV1JaVxQdDlgUUQwOXBNQBxgifVUEWU1WRBQFFUUFBl5ED1AEHQsZSF0dPX4CWlgOAQsGFA4VGR1fTBwHDgVRHFdeSmN/QQ0XHBAQVggVFBEOCEYEXQsaUksJXwk0MFMcDEwMC1cABkMbFlJDG15cRFMIXhAbJSsDS1UbCQMCSUgFQk9CUFcUQAoMBBlOGg0LX0NQTEleFh4BFQMRXg4QCRtPTRcbFlMADgcZF1caDFFRVxgZCxRHV04aBx4bW1pCSQZOTFcVbGd1WEhbBhdAAlhVGw8LHklIFjkEWQoBFFZGCRxXWAhFW1wXCwJJSAdZQRVRUBRAUEFEVwZVS0MUUEZMGQZATFcaCB8UGQwmBxcIGlNJFUMEGUlIBUJPQF0RDBwFFRsQThoGCloRH0xRUHgHA0JBE05CUiZeQUAUSxFQBQ4LBVAOCAxbSlYaWAcRNxoAUjYQVwUPFklIGV9BFU5aWCUPHBEGPVQMF14VAkxRQAZWQRVaXFoVFiYMEBJMAVsDU15CSQRRAAlYSxEMWEZVShIDVQwJWAUZTFFCGEwDWxsJFB8KVD0mQBRLF1USSFRJF1pDOGQVVlhYSFsLGg5XGyZeAAcbH1AOTB5FXlEUVkYJDhlAAktbFUMJAh9QDhUQGxtZRQpGQ1lZQEgHDRtbWkJJAlocDhUDAxpYFBUJAQRXGxRmBQ8aDhFAAR8VA0gUExcmCRsGSgYQXUNQCAoeRwtBFVBAaQ4WEAwQDExLQ18ABh0OXhYHHmhaW0QVCRAdGD0AXyZWEzUADgVRHE8NX1JaCQFVShwRZwoRSw4HBx4fFlQLVlVAU1ZGEBsqB1wOHBtbDA8HAVFCT15KbFEfBxIHV1hMGwxcTUgHGC1DCw9oUlpCWF4fCRkRXUVbUBI1GQ4QawUEQ2YFBkw7FhoqDF0eHEtDUAgKHkcLQRVQQGkeAQoDAQ1INgpYBwscAlAOCAxbSlYaWA0KNxYKSgYUUBQHMQQCURwMFQNVVxYXHBVZQFYMChtbSF1TRgBWXw4ACg5YSFsLGQtdBw1mCA5MUVBBAAZZVkRYWEhbCRMEUQUQWBUPMQIWFlRPFRURQggFHw4cAWcaFkwTCQs0G1BMVxUbHxQbAA8NBxZRGhxLPgMKSUgWTEEVWlJbCgUQDxs9UQ1bA0NIQkkRQR0ZWFRsXx47SEpPQBpFW1oUGRoEH2sHCWgLEQxYRlVKFg5RChJmCA5MUVAWQk9UVkBCWF5bSllAVQwNUQ4OTFFQXh0ZVl4RGlgWJh0cBhpTWxtNSAEKLV0KTw0bERpYBR0MHBZRBhdYDTUHDwEWVDZqRA==\",\"async\":\"TBtXQwgXW1IOQFoIDRtbWEJJGl0AGUQbCQRWRhsEAQoaU0sVQwIHDxZRADJeX0FXFwFbUk1OGh0WTQAGTFFDBBNBFVtSQlheAkocEWcLGE1DUF5HUFcGDEVeWlgdRkNYWUBbARhLBgMADC1ABwBSGwkGVkYdAQYBUAgLXggECTQGXQMIFQMDGlgIHB4QDhpTSURNSAYCHEAdTw1CThpYBhUcHUACEltKFBoeBABACwkVA1VXFhccRFcDTggQVQAIAg5QDggMW0pWGlgWHAkGDVZLQxsPBUMFE0IHClZNXERXBhUdEBZXBg1RQxdCSRpdCglSV2xfHBYYBRBAAllVGwIGBw4cQDEEUxsJFA8KEgYaFVZLVRsADAgCHl0PGVJmWlJYXltKWUBMGxhfBwMNNAFbGx9UXGxfHkZDSldOGggdTwQYGgIBURwyXl0RDFhGVUoWA1UZGFAGBDECFhZUTxUVEVUPFw0HGD1RDSYIQ1BMSV4WDRhETVxbJQ0dN0dAAktbFUMJAgIRXzEEUxsJFFhIWwsaEUxLQxtDRkwGF0AGAlMbCRQQFw0JEkAUSwtmFAMKSUgWTEEVVlJpEwBbUldAFEsYXQUDGgIdWg8BaFBXRVheIjUI\",\"quality_options\":{\"hil\":1,\"jsp\":1,\"ng\":false,\"ix\":false,\"pt\":false,\"np\":false,\"nw\":true,\"nb\":true,\"sw\":1280,\"sh\":1024,\"pl\":\"https://rojadirectafhd.com/\",\"wy\":0,\"wx\":0,\"ww\":1280,\"wh\":1024,\"cw\":1280,\"wiw\":1280,\"wih\":1024,\"wfc\":1,\"sah\":1024,\"navlng\":\"en-US\",\"drf\":\"\",\"wgl\":\"llvmpipe\",\"tb\":false,\"btz\":\"UTC\",\"bto\":0,\"pnt\":0,\"pnrc\":0,\"bml\":0,\"bmi\":false,\"vsbl\":true},\"client_hints\":{}}"}},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:21 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://rojadirectafhd.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-10T13:55:53.446124Z","times_seen":13580227,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":71,"dns":13,"connect":26,"send":0,"wait":29,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/moment.js/2.30.1/moment.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/moment.js/2.30.1/moment.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 16955\r\ncf-ray: 9bad27392d4356be-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"658d7934-423b\"\r\nlast-modified: Thu, 28 Dec 2023 13:33:40 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1934646\r\nexpires: Tue, 29 Dec 2026 16:43:19 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=PP04%2Bj1Wpr7jiz12cBnB%2F4RuHmBGdekGe3AUErRCskrgiKuILZrPEa0xKTu%2BlfHFXAVkP9qCmhA24%2F7ypXVYma1g8UpV6NWeQzTGRjUo%2FwMoptOVdM4FRyAuHlsO3luUQZ01LX0C\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58912,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (58912), with no line terminators","md5":"be51675f16a773d868e992735ecbf078","sha1":"5fbb015c68f4e95434cd63e8a46e17e91da1e184","sha256":"5b3eef58af8f051a73350fb530ccd1826e6a21ea840a60d5a9b81acb6d3823a0","sha512":"428252e033a17661bc91b6c7931981febb4f74deb670659701d00559624fbd4145d7fcf170f49d0279f81e1619488955a0b5442742deb1f365bac826d9b3df9c","ssdeep":"768:HgtHJgvZaVdUtI7uxwgmOSw9lU6+0Iwkndand2ru+4PHy:AV04fUtnkOSCo3BdEdKua","tlshash":"5f4392ce3546b11257b212b6082f050be33e59a96c4e4d2cf508d9e97879c6e427ffb8","first_seen":"2024-04-05T23:11:40Z","last_seen":"2026-04-10T03:02:06.892156Z","times_seen":1376,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":20,"receive":1,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/espn_2.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/espn_2.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3932\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-f5c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3932,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"63691b47251fe829a3f086bb9097788d","sha1":"62d47ed6d53a5bd2cf4f662390f345ade5710a2a","sha256":"f590acc8b2922a4f6b420db490e90d72385965b2adce8e2ff9012fdf461c2098","sha512":"d8a007f8fa4bc051e8e0c33c510f5b955a4bec1bb7512a302c719ff9b6aa6f145bb709df369987c8d3001395d6b42fa008652ecb00422212ec6aa0ab09827456","ssdeep":"","tlshash":"78811a8538171b77ca763bf022c58a2a3acc940cfd9f6721972c05aa85c447e622dde1","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.702481Z","times_seen":8,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/fox_sports_2.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/fox_sports_2.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7304\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-1c88\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7304,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"efd4afd6a8fcf8dc2d83dc6331a7153c","sha1":"229c20f0875acf24e8244b5310bf940484e4b82d","sha256":"6cfc442b367684b3b2e2251666a6126ea05e27eff04f89be36af0c1e0f7096ec","sha512":"e03f961a2a4910b68e638647a36df559cc2c4a3d85adc40ad330a203a336a11fdc8fd11e16b87091bff7fbb2f130fc45d41dca3bbf61675f941e5b32da2ae671","ssdeep":"192:1R9oykl8SFuj+bvtjTYvKGnTqye1C0GW+Mg2/oY8qD+I:1Iykl8Scja90iGtxTWQk58q6","tlshash":"24e1bf68f572f017feaa2251d55cf33078266910df4f3ee807778240c8c55485aef990","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.716536Z","times_seen":7,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/?size=10\u0026id=59862\u0026format=png\u0026color=000000","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:21.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 06:48:08 GMT","end":"Mon, 06 Apr 2026 06:48:07 GMT"},"fingerprint":{"sha1":"3F:1B:3B:A7:95:EF:39:CC:7C:3C:DF:97:D4:91:B5:D6:72:C1:84:F4","sha256":"5B:CC:84:7B:51:F2:0D:93:54:CE:4B:4D:40:DE:1B:A0:33:DF:00:47:9C:59:95:DA:DB:45:BD:47:71:68:77:28"}}},"request":{"raw":"GET /?size=10\u0026id=59862\u0026format=png\u0026color=000000 HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 151\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: 59862\r\nicon-size: 10\r\nicon-format: png\r\nlast-modified: Mon, 05 Jan 2026 15:18:48\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: true\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: EwwBuUwJGwH3CgUEAAwBuUwKDAH3HQEAAAwBJRPCMQG3NgAAAA\r\nx-77-nzt-ray: fdb5412340100122a9de5f693ff0b10e\r\nx-77-cache: HIT\r\nx-77-age: 263434\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced","md5":"41c171e078e7601ee7bdba179667bb59","sha1":"b241025d35417d24329fb9da9f557709085cf714","sha256":"a8fbc9f8e217d13bc093c07c3e2eafa5477b8988087149b6e2b1bc22ae2f3933","sha512":"5b36bd2e7d0c3f4e1331ee8a28fc54ebe10e5d3cd37f9ba9227e53f855765b9c92554c6fbe482ccb048d0f97422f8a3db9e46aec6a94f01a15ae9677688d2435","ssdeep":"","tlshash":"b9c08cd68a52a43a976a4a26204f24a888a7e6ac25065961b4f0a93a608e8ec0659321","first_seen":"2025-01-30T15:49:17.40365Z","last_seen":"2026-01-31T20:42:10.369199Z","times_seen":23,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":84,"dns":56,"connect":7,"send":0,"wait":8,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/espn_premium.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/espn_premium.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6356\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-18d4\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6356,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"118a4e654b21ebf20fd743d396d90792","sha1":"f13bb997ab1f5da2c5458de161769abf06097138","sha256":"3be13d9584faf31c4f78113b1cd93ce4a15cecfd34576175fc00b7cf81701c5d","sha512":"5ade495fa33d8c7051acc7313be44900f1d889146470111cfc4a35c42bd9e4a27aecd35fd063cb1998a9c7e394f0cdb37df8b826963cb590073e4f973d2451be","ssdeep":"192:mUwbuM5pljaXeaYEqwmtD5Us8OYBgCDDaC:qSLB1m1Us8pDu","tlshash":"d9d19eed610c0c33fec680251741ea75392a7c7f662b3cfb641b5649e61d248f20496b","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-04-05T08:18:25.608481Z","times_seen":10,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/dsports.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/dsports.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10078\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-275e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10078,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6ea594570d490d697c1961976a28ccab","sha1":"023a79bd85b2efa102474351d8e233532906f1e9","sha256":"5a36e356403a5201a48309b7906aba29079668614a2fb1a7d5bcf9a09bf41e27","sha512":"05b2a8bbb3240633b8657b32dedcafbe29a165f28dda5ac9d3163a91f32c16e4a4de2932164bcd5c9d8497d11dd356e5f4bf508449c1e0bd44d0dfaf944665bf","ssdeep":"192:Yd1ZwLb/lo8eQCCGqVOifDOdaPilY1DDigPQ396yiCHsq11HH5XMO9A:Yd1Zwn9nLHrOIKomgPQzpsqnH5XMO","tlshash":"0422bfc226150582d2bd9abc4b25aca40306084bb11760b5d3e3238f5efb819adf7d4f","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.739253Z","times_seen":9,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/tyc_sports.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/tyc_sports.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5640\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-1608\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5640,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"623902d5b3bf319af43f9b51d9f666a6","sha1":"8c2ab0eee85a0eb2a60a6c37ac92b3a66378e56f","sha256":"15ba4e107930aff8524996728ebd94ea342bab85d394697ffec026f2ac99dfdf","sha512":"143308ff4da62810a0215d22495b6f4170d420e4a7246848c535fc3cf45c811b6160710f7a469aa0b86f6031e082eb0abb2d5b00d810a47de284084e451dcfde","ssdeep":"96:SXdnssclRlEwN+iiupmCg/t+KvQAb0lUS8NHBslz2HdvwA2mQr+TJJaS1q:11RlEwNoCg/t+c+UylzCL2NSTWl","tlshash":"dac17dc820f17512f59007f9dd38053eae968e0211146066c129c381abefc6ebd72bd9","first_seen":"2025-03-05T04:12:08.575454Z","last_seen":"2026-04-05T08:18:25.605654Z","times_seen":7,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/tnt_sports_premium.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/tnt_sports_premium.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11778\r\nlast-modified: Sun, 27 Oct 2024 07:13:40 GMT\r\netag: \"671de824-2e02\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11778,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"26266b882a3b66f3507e9005822ab9b0","sha1":"44de42f119e6722d51ad10638826b800a8e9d1b4","sha256":"39a4ad28234952ef802a0f03fbbb7733783b146e11e1f77ea893e868ec5e4227","sha512":"81321f5c27f2655033fde17744c5e9d21f3c5b4b59a8f97fcb27e94f6725d95c91ccde8347894abb914ba076852a36f5d74f272b1ab7740ad523fb954924679e","ssdeep":"192:T4wTcezZCsYd217iUegFeb6hfzozN4xtFqQIeSy21VzF1isAUTAEEETyAC:TlrzQVd212TgPfz04xtQQo1VzF1isAUc","tlshash":"1732c09a1bf0d6a0c984dad9e14244f17af8df2b2d9142dc54d987d3cfcc8a83436a34","first_seen":"2026-01-08T16:43:49.858212Z","last_seen":"2026-03-19T12:02:56.727503Z","times_seen":3,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/espn_deportes.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/espn_deportes.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8080\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-1f90\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8080,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4f61ea0fd68997038318a1a039b8c639","sha1":"7f7f470fe613b3b79a33ea5d1060311b9b33018a","sha256":"b5a00c598616fd6b1626e3403a3b8a1f1213de7c4c793efb96d79af25873c159","sha512":"ef9d8efd55504211c5f88e0650cf4326d5f2248f2eeefabeea502e58506b72d1a7ba928ba2cee1937e8a0442a73db99aa9ab4f5c9182f2be835b3d82a07c9b22","ssdeep":"96:nphDqxt5IwaMDLMCtTPsejWAe7t6PwykcAH1UKl/FjGohAx+ns5HrA3HcctokKlX:npghPnDhDA6wyb01UK5QBwX8lqvVgTB","tlshash":"baf1bfb4403742cbc47bbcb04e9db606bdaa23858417368dad5032792ec61d41e6bb3c","first_seen":"2026-01-08T16:43:49.865736Z","last_seen":"2026-03-19T12:02:56.736732Z","times_seen":3,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/fox_sports_premium.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/fox_sports_premium.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11670\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-2d96\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11670,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ede36ff553008b5eb720fa0e2355170b","sha1":"acfaaf05177470ea6a354c903df913fa284b4faf","sha256":"8aeaf3009604d7554ad407e1ffb3fe075541ffc32d92facd286c2975cf903184","sha512":"3588099f972a511c5f48a66f26c8fe832b816fc47810c90e5f0d23669f04ef5973cb677f95dca00d25d350515feda55ee339fe63ae06253c34db6566ef8eaa8d","ssdeep":"192:vgrz93sNTVHbaT+536CweV1+Rx7/Ri8woBG6PNqYm+/JOs8aQaIHwNrLRSup:vezl8V7aT+5qs7+Rx48HhPNzmYJOssr+","tlshash":"e332c024999bcb5fabc041e284927a21d145576e161cfec8db428ecd45f0b914e6fcce","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.749982Z","times_seen":6,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/dsports_2.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/dsports_2.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9360\r\nlast-modified: Sun, 19 May 2024 03:36:28 GMT\r\netag: \"664973bc-2490\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9360,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0949db03ec4e2692157fedcdcf9ff15e","sha1":"acb0005842951aa3f748d67f622bc81b59e4080a","sha256":"b7602d15ab1997366f01d0d18e997eaa123eb7f4774e3b63a3aeadf30e3bd957","sha512":"5f2d06aa2848ded29435901a8d99a88ea5a476369ee317fec4a403958590567ac1da1d3fd308bd6d464cc77f8b140d371f1f9701ad3d1e8cb67ea0a6b69b9ae2","ssdeep":"192:azAwK2+pN+9M3rmevmqtuHSPzgCN/25gjlaG12RgRpZCcQtFkYb:aVK2oKOmqtA6kCN/ogJFXwtFkY","tlshash":"f512bf87f3fc5cf7d01143a01163116dbf9a44f421c69a1639433f8a6ba8b2df2949ae","first_seen":"2024-04-05T23:11:41Z","last_seen":"2026-03-19T12:02:56.69326Z","times_seen":7,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:20.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Dec 2025 17:37:04 GMT","end":"Tue, 24 Mar 2026 18:37:01 GMT"},"fingerprint":{"sha1":"05:4F:CA:93:1E:46:6C:B4:A4:49:3A:2A:0C:AD:DB:CA:8C:CF:BC:9C","sha256":"81:B0:0B:B9:30:D8:5D:FE:11:36:CE:28:36:04:4F:41:74:05:00:57:EE:04:F0:1D:44:B3:B4:6F:A6:4F:D8:FD"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rojadirectafhd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rojadirectafhd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 16:43:20 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://rojadirectafhd.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=0802b8c6d575400ceace67fc555bc648; expires=Fri, 08 Jan 2027 16:43:20 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9bad273feba35684-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b5fc090ccdead84362ee5faf73490b94","sha1":"aa85a0b029ca6a0f5265921086cf391f8da05f11","sha256":"4316bd72a53d89e2720ebee01cdc37ea507afa916d3e06e84e265ec769d0ea5a","sha512":"47406e49f19d725013a61bba0ed5c7d5008fb8685d76b397d2de19fc36c17ef0c06c28e768e1e77e4192b3e74a6f572a680bda08431604580cde872d9b9fcf7b","ssdeep":"","tlshash":"83a0028106284e84b1461b252d8fc65f4095a0a1954ae64843dad0553bd654c6a4aac1","first_seen":"2026-01-08T16:43:49.876764Z","last_seen":"2026-01-08T16:43:49.876764Z","times_seen":1,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":50,"dns":33,"connect":1,"send":0,"wait":36,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rojadirectafhd.com/assets/img/logo-canal/espn_6.webp","fqdn":"rojadirectafhd.com","domain":"rojadirectafhd.com","tld":"com"},"ip":{"addr":"176.119.25.170","port":443,"asn":30860,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rojadirectafhd.com/","date":"2026-01-08T16:43:19.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rojadirectafhd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 13:49:48 GMT","end":"Sat, 28 Mar 2026 13:49:47 GMT"},"fingerprint":{"sha1":"C8:9E:58:0B:BB:FC:47:49:45:D1:47:25:9A:75:CD:2C:D2:64:DE:41","sha256":"8A:5C:D2:FB:96:5C:2A:4D:C6:54:6E:00:CB:6C:12:54:86:38:73:C3:D2:5A:D5:50:54:2B:C9:69:72:F0:D3:9B"}}},"request":{"raw":"GET /assets/img/logo-canal/espn_6.webp HTTP/1.1\r\nHost: rojadirectafhd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rojadirectafhd.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 16:43:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7008\r\nlast-modified: Sun, 27 Oct 2024 07:13:40 GMT\r\netag: \"671de824-1b60\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7008,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1f17ee296f0254344017dedea87e4387","sha1":"75d0e66595fc9838e73e5b14add679b78498127d","sha256":"9eac85179fd2ce7601b90249d1e51d62ebce282a9306b88c727999b7f4bf37e1","sha512":"18544e768cb9bd50e523d89b5cfcbc2d6060e660b01305ccf7e42a48ece8f7bfcddd51e4edab7418799b38ed78674944cd724bac4c0aeffd7ae92708220e480d","ssdeep":"96:rnemJz2X+/z68Adaz0hZoYDjMh2Yn1rTBQGxzrCGvZ8YBtd3UyZnlNvcQNKKXD:rBJqXK68AA0TjMhhnZpSyZfBtl/NjV","tlshash":"d3e18f212440154bce0d26701fbfbeb7a068a7348e7d25f71181255fe4b5540ef649bf","first_seen":"2026-01-08T16:43:49.879674Z","last_seen":"2026-03-19T12:02:56.742238Z","times_seen":3,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"rojadirectafhd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}