Report - sportsloverss.online/?p=749

Report Overview

Visited public
2025-06-07 16:55:45
Tags
URL
sportsloverss.online/?p=749
Finishing URL
sportsloverss.online/?p=749
IP / ASN
104.21.16.1
#13335 CLOUDFLARENET
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

130

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
my.rtmark.net	9054	2014-10-29	2015-02-04	2025-06-05	1.0 kB	1.7 kB	104.18.41.22
upload.wikimedia.org	2215	2003-03-16	2012-05-21	2025-06-05	467 B	1.8 kB	185.15.59.240
eehassoosostoa.com	unknown	2024-12-04	2025-01-06	2025-06-06	2.2 kB	171 kB	139.45.197.107
glempirteechacm.com	unknown	2024-12-04	2025-01-14	2025-06-03	3.7 kB	167 kB	139.45.197.106
cdn.show-sb.com	unknown	2024-08-20	2024-08-31	2025-06-06	531 B	2.3 kB	172.67.170.115
xk0qpywuw9gy.n4.adsco.re	unknown	2017-02-14	2025-06-07	2025-06-07	472 B	463 B	38.132.109.126
www.highperformanceformat.com	unknown	2024-10-15	2024-10-23	2025-06-04	930 B	56 kB	172.240.127.234
wearychallengeraise.com	unknown	2024-08-19	2025-01-23	2025-06-01	5.2 kB	16 kB	192.243.59.13
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2025-06-06	867 B	754 B	185.196.197.72
xk0qpywuw9gy.s4.adsco.re	unknown	2017-02-14	2025-06-07	2025-06-07	472 B	463 B	185.200.116.60
kzt2afc1rp52.com	unknown	2020-04-27	2020-04-27	2025-06-04	455 B	105 kB	192.243.61.225
xk0qpywuw9gy.l4.adsco.re	unknown	2017-02-14	2025-06-07	2025-06-07	472 B	463 B	185.200.118.62
experttrafficcounter.com	unknown	2025-01-23	2025-01-24	2025-06-06	3.4 kB	2.5 kB	52.58.57.192
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-06-04	891 B	544 kB	151.101.1.229
t.dtscout.com	11951	2013-11-01	2017-01-30	2025-06-06	511 B	3.2 kB	104.26.11.2
yv.nudecorvees.com	unknown	2025-01-17	2025-06-07	2025-06-07	433 B	1.4 kB	23.109.170.27
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-04	1.4 kB	53 kB	142.250.74.10
pubtrky.com	unknown	2023-11-21	2023-11-21	2025-06-02	499 B	538 B	104.21.8.108
adsco.re	8541	2017-02-14	2017-04-03	2025-06-05	460 B	1.8 kB	162.252.214.5
grookilteepsou.net	unknown	2025-01-08	2025-01-08	2025-06-04	6.7 kB	106 kB	139.45.197.122
pl26816526.profitableratecpm.com	unknown	2025-04-07	2025-06-07	2025-06-07	470 B	105 kB	172.240.108.84
ht.escinsuper.com	unknown	2024-09-07	2024-09-07	2025-01-18	430 B	1.4 kB	23.109.170.241
ocartoukseeli.net	unknown	2024-09-27	2024-09-27	2025-01-05	844 B	0 B	0.0.0.0
vaimucuvikuwu.net	unknown	2024-12-04	2024-12-18	2025-06-02	3.5 kB	11 kB	139.45.197.106
fpyf8.com	unknown	2022-04-06	2025-05-24	2025-06-03	416 B	112 kB	139.45.196.64
stouwhoafap.com	unknown	2025-06-07	2025-06-07	2025-06-07	2.8 kB	116 kB	139.45.196.63
tzegilo.com	unknown	2022-01-14	2022-01-14	2025-06-02	415 B	19 kB	172.67.193.52
pl26816535.profitableratecpm.com	unknown	2025-04-07	2025-06-07	2025-06-07	470 B	66 kB	192.243.59.20
nannyirrationalacquainted.com	unknown	2024-08-19	2025-01-22	2025-06-02	2.6 kB	14 kB	192.243.61.227
sportsloverss.online	unknown	unknown	No data	No data	6.7 kB	430 kB	104.21.80.1
sportstreamslife.shop	unknown	2024-11-05	2025-01-04	2025-01-04	1.0 kB	235 kB	172.67.205.180
fleraprt.com	unknown	2022-01-14	2022-01-14	2025-06-06	1.2 kB	918 B	139.45.195.252
code.jquery.com	634	2005-12-10	2012-05-21	2025-06-04	421 B	90 kB	151.101.194.137
6.adsco.re	17812	2017-02-14	2018-01-15	2025-06-05	881 B	1.0 kB	104.17.167.186
bobapsoabauns.com	unknown	2025-01-23	2025-03-26	2025-06-03	1.9 kB	120 kB	104.21.73.203
youradexchange.com	273384	2012-11-09	2013-02-04	2025-06-05	1.5 kB	3.9 kB	104.18.25.98
unseenreport.com	unknown	2022-03-30	2022-03-30	2025-06-05	1.5 kB	992 B	192.243.59.13
awwyjxkcvjlntd.com	unknown	2025-06-06	2025-06-07	2025-06-07	437 B	763 B	139.45.197.156
c.adsco.re	16577	2017-02-14	2017-11-29	2025-06-05	517 B	80 kB	104.17.166.186
top2new.newkso.ru	unknown	2025-04-01	2025-05-02	2025-06-04	556 B	758 B	104.21.45.220
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-04	3.9 kB	385 kB	142.250.74.35
madurird.com	unknown	2023-10-06	2023-10-07	2025-06-06	2.8 kB	224 kB	139.45.197.106
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-09-13	2025-06-05	924 B	159 kB	45.133.44.1
waust.at	38137	unknown	2016-01-28	2025-06-06	399 B	13 kB	104.26.5.7
allupplay.xyz	unknown	2025-04-16	2025-06-03	2025-06-03	1.4 kB	126 kB	104.21.52.143
cdn.creative-stat1.com	unknown	2024-08-20	2024-08-27	2025-06-05	2.1 kB	151 kB	188.114.97.1
antiadblocksystems.com	122065	2020-04-18	2020-04-19	2025-06-04	1.7 kB	257 B	208.95.113.2
www.antiadblocksystems.com	201777	2020-04-18	2020-04-18	2025-06-04	475 B	38 kB	95.173.205.15
4.adsco.re	19179	2017-02-14	2021-01-04	2025-06-06	881 B	876 B	162.252.214.5
roagrofoogrobo.com	unknown	2024-12-04	2025-01-06	2025-06-03	7.2 kB	166 kB	139.45.197.107
recordedthereby.com	unknown	2024-05-08	2024-05-08	2025-06-02	1.3 kB	258 kB	185.196.197.71
invadedisheartentrail.com	unknown	2024-09-01	2024-10-22	2025-06-02	8.1 kB	12 kB	192.243.59.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-06-07 16:55:28	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:28	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:28	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:28	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:28	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:28	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:29	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:29	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:29	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:29	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:29	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:29	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:30	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:30	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:30	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:31	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:31	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:31	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:35	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:35	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-07 16:55:35	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	highperformanceformat.com	Sinkholed
2025-06-07	medium	nannyirrationalacquainted.com	Sinkholed
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	madurird.com	Sinkholed
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	roagrofoogrobo.com	Sinkholed
2025-06-07	medium	profitableratecpm.com	Sinkholed
2025-06-07	medium	vaimucuvikuwu.net	Sinkholed
2025-06-07	medium	escinsuper.com	Sinkholed
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	vaimucuvikuwu.net	Sinkholed
2025-06-07	medium	ocartoukseeli.net	Sinkholed
2025-06-07	medium	recordedthereby.com	Sinkholed
2025-06-07	medium	invadedisheartentrail.com	Sinkholed
2025-06-07	medium	nannyirrationalacquainted.com	Sinkholed
2025-06-07	medium	bobapsoabauns.com	Sinkholed
2025-06-07	medium	roagrofoogrobo.com	Sinkholed
2025-06-07	medium	invadedisheartentrail.com	Sinkholed
2025-06-07	medium	bobapsoabauns.com	Sinkholed
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	roagrofoogrobo.com	Sinkholed
2025-06-07	medium	recordedthereby.com	Sinkholed
2025-06-07	medium	ocartoukseeli.net	Sinkholed
2025-06-07	medium	roagrofoogrobo.com	Sinkholed
2025-06-07	medium	unseenreport.com	Sinkholed
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	invadedisheartentrail.com	Sinkholed
2025-06-07	medium	eehassoosostoa.com	Sinkholed
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	madurird.com	Sinkholed
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	glempirteechacm.com	Sinkholed
2025-06-07	medium	profitableratecpm.com	Sinkholed
2025-06-07	medium	madurird.com	Sinkholed
2025-06-07	medium	eehassoosostoa.com	Sinkholed
2025-06-07	medium	roagrofoogrobo.com	Sinkholed
2025-06-07	medium	roagrofoogrobo.com	Sinkholed
2025-06-07	medium	highperformanceformat.com	Sinkholed
2025-06-07	medium	capaciousdrewreligion.com	Sinkholed
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	invadedisheartentrail.com	Sinkholed
2025-06-07	medium	nudecorvees.com	Sinkholed
2025-06-07	medium	eehassoosostoa.com	Sinkholed
2025-06-07	medium	invadedisheartentrail.com	Sinkholed
2025-06-07	medium	madurird.com	Sinkholed
2025-06-07	medium	invadedisheartentrail.com	Sinkholed
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	glempirteechacm.com	Sinkholed
2025-06-07	medium	invadedisheartentrail.com	Sinkholed
2025-06-07	medium	bobapsoabauns.com	Sinkholed
2025-06-07	medium	vaimucuvikuwu.net	Sinkholed
2025-06-07	medium	recordedthereby.com	Sinkholed
2025-06-07	medium	bobapsoabauns.com	Sinkholed
2025-06-07	medium	unseenreport.com	Sinkholed
2025-06-07	medium	invadedisheartentrail.com	Sinkholed
2025-06-07	medium	vaimucuvikuwu.net	Sinkholed
2025-06-07	medium	capaciousdrewreligion.com	Sinkholed
2025-06-07	medium	roagrofoogrobo.com	Sinkholed
2025-06-07	medium	grookilteepsou.net	Sinkholed
2025-06-07	medium	glempirteechacm.com	Sinkholed
2025-06-07	medium	invadedisheartentrail.com	Sinkholed
2025-06-07	medium	glempirteechacm.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (59)

	URL	From	Size	First Seen	Last Seen
	sportsloverss.online/wp-content/themes/newspaperly/js/accessibility.js?ver=20160720	ScriptElement	1.2 kB	2023-05-22	2025-06-14
Pretty URL sportsloverss.online/wp-content/themes/newspaperly/js/accessibility.js?ver=20160720 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 13:20 Last Seen2025-06-14 17:27 Times Seen30 Hash 939a91c88e6489b5280aef04d84f7316 dd2ef96b41e865ae0637a3506904c07a0826a871 3607065629dc85c928677d972f541e82f7da6aa6d645f3e8e90fd1f1dfaa53b8 Loading...

	sportstreamslife.shop/player/stream-55.php	ScriptElement	467 B	2023-03-09	2025-06-15
Pretty URL sportstreamslife.shop/player/stream-55.php IP 172.67.205.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 01:35 Last Seen2025-06-15 20:05 Times Seen240 Hash f6ca01bb0ca3ebde821544f18ec83583 2e8cbf747f80c79ae8c12b8685556757e813b9db a1d2b03b3b1269adbdcbda20f64807bc730335783a9a90e9fbd743f898fb675c Loading...

	about:blank	ScriptElement	601 B	2025-06-07	2025-06-07
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash ba859c82fb591f198179efe940d69f9e f6afa2195adcd2de9e61d333e4150fe6b3f3d5ea a73f42172bf8c4cf862f571f8736a8a50ca0edc715c770878d3f45c5bc2b3717 Loading...

	www.highperformanceformat.com/f591db634d24e75b9d8ac135133ca656/invoke.js	ScriptElement	27 kB	2025-06-07	2025-06-07
Pretty URL www.highperformanceformat.com/f591db634d24e75b9d8ac135133ca656/invoke.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash f3aa6d16ca1a8ae70745aed597d91f80 6999a73f347c9f959d54088925f95ec0ba01e1e8 f9d0eb14db9778659074757c18c832fe9471ac64b360697916ebff6b3db8c248 Loading...

	about:blank	Eval	2.1 kB	2025-06-07	2025-06-07
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 9eeb43ebd1de72ed0a32ce58654794f4 9f4ed27a86ac32d68d834f2d066bdea5bdb777f3 7638fe3bfed163f3dab987e11fd68fd3ced142e9decc55225bee96a916a7373a Loading...

	sportstreamslife.shop/player/stream-55.php	EventHandler	8 B	2025-06-07	2025-06-07
Pretty URL sportstreamslife.shop/player/stream-55.php IP 172.67.205.180 ASN #13335 CLOUDFLARENET Introduced by eventHandler Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 7aea0becc3ad32bcc0498ee82ee15cec b9b17d1e58d1dea570e88488b163573687b07bab 5a469e5ab1654b9f994315ce4e06d17f8ce756c863d9cc349efa08048bc777db Loading...

	sportsloverss.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-06-16
Pretty URL sportsloverss.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-06-16 07:36 Times Seen113062 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	about:blank	ScriptElement	145 B	2025-06-07	2025-06-07
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 13d17983988f01f1053e8f4145368f7d 3817c28def3b55bdf950df79bbcb27ffc581bdd3 8bc287d9bd9eb6e296e787ae5f10bd959e97b2422a5b42c64ee1ab1579c2bc58 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2025-01-25	2025-06-16
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 09:25 Last Seen2025-06-16 07:36 Times Seen1779 Hash 108625937affa4b38bb17cea65510d72 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0 Loading...

	sportsloverss.online/wp-content/themes/newspaperly/js/script.js?ver=20160720	ScriptElement	3.9 kB	2023-03-07	2025-06-14
Pretty URL sportsloverss.online/wp-content/themes/newspaperly/js/script.js?ver=20160720 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-06-14 17:27 Times Seen100 Hash 61caf6e2f693a88ed96e1b413b90bb41 804f26a285cbf49c2aab613ddd5ed1c3889f9c20 affd9edd5dc26a271a81e36bade23368d81e7c628a7bb39901ec92376d296705 Loading...

	sportstreamslife.shop/player/stream-55.php	ScriptElement	195 kB	2025-06-05	2025-06-07
Pretty URL sportstreamslife.shop/player/stream-55.php IP 172.67.205.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-05 17:29 Last Seen2025-06-07 17:04 Times Seen4 Hash a45d6ae57d9dd413c688f446e82bfd75 a3abdba4bde91dd8f6408d24a63b0870db5d1667 1771f988330b5f51fd91f0497fa0d2fc399222206d71f9ec99357faf1c6c2c7e Loading...

	fpyf8.com/88/tag.min.js	ScriptElement	112 kB	2025-06-06	2025-06-08
Pretty URL fpyf8.com/88/tag.min.js IP 139.45.196.64 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-06 19:38 Last Seen2025-06-08 02:28 Times Seen5 Hash 52e0ab26c84d4707fb47ff7c0ab6c104 d573a862cbecdb9b3d68a48e13272a33743513f1 2132f896fbd6a76150763b8746b55e8745c5bcdfc50478139d7b0a4d8aaab0ef Loading...

	about:blank	Eval	2.0 kB	2025-06-07	2025-06-07
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash d93ab288628b240878003a7b35dbe3a6 d54bf859d4766291b28fb41b4be6930291e06dfe 4213d1e55c0b0e437df272a258545ceee7b5393f99b55414087454e5ea5ad30d Loading...

	pl26816535.profitableratecpm.com/24/12/29/241229b746680fef8f280280d57d155e.js	ScriptElement	65 kB	2025-06-07	2025-06-07
Pretty URL pl26816535.profitableratecpm.com/24/12/29/241229b746680fef8f280280d57d155e.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash ca34460e0ef7ae718d9f22e925eeba8d 3fd9e0a957fcea046e76950415147a2a202a8857 49efd00dd3acc4332d3f9a8bd2363cdc24f34f2910ddd1855b94401e739e0354 Loading...

	sportsloverss.online/?p=749	ScriptElement	424 B	2025-06-07	2025-06-07
Pretty URL sportsloverss.online/?p=749 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 64ea7930b54d02f66821dda7f1fe39e2 52bb1d858607bdb5fee2779639f660ede7e5745e b53057c32eb7f15cb71d6cf84a59ec39e3816e0842c36dfb5f8cd7f75e99e517 Loading...

	sportstreamslife.shop/player/stream-55.php	ScriptElement	113 kB	2025-06-07	2025-06-07
Pretty URL sportstreamslife.shop/player/stream-55.php IP 172.67.205.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 052472b567f38d25fbf192372d4d2004 5fe1af8f8160dc7d143c32c208440b8d03b4dc41 c096e3af92b95d43c3b8d86bc0f1deae5f44e0cf918b312cf4f6c71bd48e0dbc Loading...

	about:blank	ScriptElement	5.0 kB	2025-06-07	2025-06-07
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 52ed14b4890ffa6372faa35f5c9dcab9 396d6c12f66e4f6afdb11e3a95c7ead6dfa9f981 61f1adc301ee44f8e4ee12aa24bac3b3e4c7b1078db31aaf05d73f2fc5f5d92a Loading...

	sportstreamslife.shop/player/stream-55.php	ScriptElement	157 B	2023-03-11	2025-06-15
Pretty URL sportstreamslife.shop/player/stream-55.php IP 172.67.205.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 19:15 Last Seen2025-06-15 20:05 Times Seen196 Hash 60f1798bac26472658ff588720760829 9929b26eeb812be15261ac5aee076e468bf4764f acf1662d0ddc764da1a0a9ca8c14ce6d6a937aecef80b4b0e0426698a24b765d Loading...

	sportstreamslife.shop/player/stream-55.php	ScriptElement	8.5 kB	2023-07-23	2025-06-15
Pretty URL sportstreamslife.shop/player/stream-55.php IP 172.67.205.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-23 19:35 Last Seen2025-06-15 20:05 Times Seen144 Hash ff656e6bdffbea98da4df97ff7ae3d21 f742e8d729409184fdaf152c2d2b670d6db7e9ec 9e6e95d6fa2ce522e900a6eb22ef91ae4fa930a9e39e2ca913742d48d0484b68 Loading...

	about:blank	JavascriptURL	5 B	2023-03-07	2025-06-16
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by javascriptURL Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-16 07:32 Times Seen27584 Hash 68934a3e9455fa72420237eb05902327 7cb6efb98ba5972a9b5090dc2e517fe14d12cb04 fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Loading...

	about:blank	Eval	1.6 kB	2025-06-07	2025-06-07
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 921cfd0848618a01a8a39cd49d4c07b2 9b03f856f99bfc132e34b05a22dd590a5b333f36 2eabe2bea5bbae41e36f41a125e7d639bf0bfe251fcdf5946d3a49fd84d2dbcf Loading...

	ht.escinsuper.com/rG2eVOfCrjcQ/69521	ScriptElement	5 B	2025-04-24	2025-06-16
Pretty URL ht.escinsuper.com/rG2eVOfCrjcQ/69521 IP 23.109.170.241 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 10:17 Last Seen2025-06-16 05:54 Times Seen725 Hash 848667c49f5d3aef59cd65ed276cd7ae bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763 cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8 Loading...

	sportsloverss.online/?p=749	ScriptElement	957 B	2025-06-07	2025-06-07
Pretty URL sportsloverss.online/?p=749 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 178fb25578a37db987ea909688d8463c 642f4d785b3c75d507d252d8c41a78274f304382 5f3241d1a84638d9a5b1edc7f0f2c9c5cd5fe360109ef48a945b75c894e35897 Loading...

	www.antiadblocksystems.com/ofetch-jsonp.min.css	ScriptElement	37 kB	2025-06-07	2025-06-07
Pretty URL www.antiadblocksystems.com/ofetch-jsonp.min.css IP 95.173.205.15 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash d42a4cf03ea195dc0d82eebb42e324f3 0b5113c485d0c945347658d032bb8d75b720927c 446c4ca4e0b96eba7b2f060f6fe2c06e8043d9760fcd9caf1b550330188e99ff Loading...

	about:blank	ScriptElement	5.0 kB	2025-06-07	2025-06-07
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 3b7564cc4b2b8d36560a93d36130d678 fd970a47843724e9641384cfa242c0f5ed0c10dd 4f2e7f8f32de302fe550ee3b110cb8da051138b91370cffeb6326849a0d4bb07 Loading...

	eehassoosostoa.com/401/9407006	ScriptElement	162 kB	2025-06-07	2025-06-07
Pretty URL eehassoosostoa.com/401/9407006 IP 139.45.197.107 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 4e03ccdf896176bf318e19535c6a65f2 bfca24c13357eddc9c91aa249c9d37e623c36f0f b7da25d61a8f58b4a7edb5fc7b4de73a19c6471144f09a4eba5cb12e9e3781b9 Loading...

	sportstreamslife.shop/player/stream-55.php	ScriptElement	424 B	2024-09-19	2025-06-12
Pretty URL sportstreamslife.shop/player/stream-55.php IP 172.67.205.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-19 22:11 Last Seen2025-06-12 16:05 Times Seen14 Hash 70c70237cd3d41f2fe05d7522f966d6f a9d95a151616a256ebc3f03bec177306cf9beb57 7889f7d81e5e625848e492c7897e4167db060237756ff8f94497877dfaa9f37f Loading...

	sportsloverss.online/wp-content/themes/newspaperly/js/jquery.flexslider.js?ver=20150423	ScriptElement	55 kB	2023-03-07	2025-06-14
Pretty URL sportsloverss.online/wp-content/themes/newspaperly/js/jquery.flexslider.js?ver=20150423 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-06-14 17:27 Times Seen110 Hash d164ed31a1f030cca772428fbc4a353b f6791145eb6527492ffe8d147b12571a88a26b76 9f9b8303b4fdf50f85f63fb85b80e9be5d88f6de1e7440bf03380cb9d717ce4a Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2025-01-25	2025-06-16
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 09:25 Last Seen2025-06-16 07:36 Times Seen1779 Hash 108625937affa4b38bb17cea65510d72 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0 Loading...

	sportsloverss.online/?p=749	ScriptElement	3.3 kB	2025-06-07	2025-06-07
Pretty URL sportsloverss.online/?p=749 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 4212da9260199b6915c226116c08744e a0e6d315708662ae2b854686e1731f6ebe12b3a0 b504b0b56b1c5be2a207f234c0134f1b4f8a517df537dc8e38122fd9c355ffac Loading...

	yv.nudecorvees.com/r0ByO1XQJMkGr5/69521	ScriptElement	5 B	2025-04-24	2025-06-16
Pretty URL yv.nudecorvees.com/r0ByO1XQJMkGr5/69521 IP 23.109.170.27 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 10:17 Last Seen2025-06-16 05:54 Times Seen725 Hash 848667c49f5d3aef59cd65ed276cd7ae bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763 cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8 Loading...

	sportsloverss.online/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1	ScriptElement	19 kB	2025-04-03	2025-06-16
Pretty URL sportsloverss.online/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-03 04:02 Last Seen2025-06-16 07:36 Times Seen8532 Hash 1dafa7fe14b33c26fef9b0e5ba0c8e72 62f67cdac55d89c43570bf0c338f4edf548b14e1 50cc1a0490008ec62ca8b581fa9cdcfb2eda2d36a08ccbeb1f004da599e9cc61 Loading...

	allupplay.xyz/premiumtv/daddylive.php?id=55	ScriptElement	52 B	2024-07-11	2025-06-15
Pretty URL allupplay.xyz/premiumtv/daddylive.php?id=55 IP 104.21.52.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-11 01:38 Last Seen2025-06-15 20:05 Times Seen153 Hash 78a6702d966a64ed29eca96bfefed3de cc38ab49fb9cf0b5dfe3639378bd12af22ef1c0c 00f32959faf141840611a9e3f434a6924cbcd843de990bb5df8ad037b9f8d095 Loading...

	allupplay.xyz/premiumtv/daddylive.php?id=55	ScriptElement	45 B	2024-07-20	2025-06-15
Pretty URL allupplay.xyz/premiumtv/daddylive.php?id=55 IP 104.21.52.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-20 17:31 Last Seen2025-06-15 20:05 Times Seen145 Hash b50a7599a1cd871d2b379f9ef0b04aa4 66783a5680bbf18a422b0ebf586f787abb91f56f 94ba1e39aa22b534544bd907ddee33191396ded56a47cabf861e12ed65780385 Loading...

	sportsloverss.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-06-16
Pretty URL sportsloverss.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-06-16 07:36 Times Seen100457 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	sportsloverss.online/?p=749	ScriptElement	68 kB	2025-05-28	2025-06-13
Pretty URL sportsloverss.online/?p=749 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-28 14:22 Last Seen2025-06-13 05:10 Times Seen31 Hash 85b69b8381c37882a654001105a721c3 69a7b7da4bc0fa9cc5293a8dfa66d423345922ce a049e63721138860de8672b45ca343910efb9a70fa9fa95d1fdcc2b77a0862d8 Loading...

	sportsloverss.online/wp-content/themes/newspaperly/js/skip-link-focus-fix.js?ver=20170823	ScriptElement	685 B	2023-03-07	2025-06-16
Pretty URL sportsloverss.online/wp-content/themes/newspaperly/js/skip-link-focus-fix.js?ver=20170823 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-16 05:59 Times Seen2758 Hash 93d421fd7576b0ca9c359ffe2fa16113 eacce35258f14fcd79bea2bc23f4140d25874322 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2 Loading...

	sportsloverss.online/wp-content/themes/newspaperly/js/navigation.js?ver=20170823	ScriptElement	3.0 kB	2023-03-07	2025-06-16
Pretty URL sportsloverss.online/wp-content/themes/newspaperly/js/navigation.js?ver=20170823 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-16 07:14 Times Seen1749 Hash 49493316c090bb3d7cca5bc09031037c b77b6525d82691c3d4ca05948e846500ea0cb1d3 fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c Loading...

	glempirteechacm.com/401/9407007	ScriptElement	1.0 kB	2025-06-07	2025-06-07
Pretty URL glempirteechacm.com/401/9407007 IP 139.45.197.106 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 4959680ea9f2d6294397168e4a903517 b926dd5d2debd77500ea06bd6aa8be9b005b03f4 6bdef9c660b095ceae2f8c4ef239af2957aaceacab39d94cbeacfd9a33eb79dc Loading...

	c.adsco.re/#0.3737729070769885	ScriptElement	486 B	2023-03-07	2025-06-16
Pretty URL c.adsco.re/#0.3737729070769885 IP 104.17.166.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-16 07:11 Times Seen1069 Hash 77c8287be10ff4b66a8490ca4d999917 7fccb364c5e22958503bcd8b92cdb648d5c4c96e c2d43195d015b5856873b3b0c6e717ee21599ca3f03f820b7c325f27b9b6a31d Loading...

	kzt2afc1rp52.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js	ScriptElement	104 kB	2025-06-04	2025-06-07
Pretty URL kzt2afc1rp52.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-04 19:48 Last Seen2025-06-07 16:55 Times Seen3 Hash ab9442a65a6a6f4567108c1a0de1fff6 b979b1951dfccc41360c1210771a236dfae99031 f10949fd96e2b4c7ba82f45086408364a36b9602e23a2ffc2646d399673c22b2 Loading...

	allupplay.xyz/premiumtv/daddylive.php?id=55	ScriptElement	2.8 kB	2025-06-07	2025-06-07
Pretty URL allupplay.xyz/premiumtv/daddylive.php?id=55 IP 104.21.52.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 00:07 Last Seen2025-06-07 17:04 Times Seen4 Hash 77da2d4a31d3910ad54c339f7b7d4583 f6e76f12e8a41449d49e07b39e6f96889bf15e02 d415a0e7ea61001740d92d933bd88e045024dea8638a07dfcd194c1e9b265f8a Loading...

	madurird.com/5/9384830	ScriptElement	113 kB	2025-06-07	2025-06-07
Pretty URL madurird.com/5/9384830 IP 139.45.197.106 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash b7e1b19460b0202cc0752dcc01dcc1a7 f02380625ed9614233ea2460476e29a8f7cfdb55 3009231eeace0d35f217d1a45df70e28bdc2b1b9c34c4c9051a6b83d2402d1ce Loading...

	about:blank	Eval	1.7 kB	2025-06-07	2025-06-07
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 331a43ef3fbb509f20aca2a4d36467ce 914c7dc5f2bea9dde9a8b82ab3971a54f48b605d 6ef28ca659a6dbf523789cdd4c991465074b4d2f66ed1751231e180236f1fe23 Loading...

	allupplay.xyz/premiumtv/daddylive.php?id=55	EventHandler	9 B	2025-06-07	2025-06-07
Pretty URL allupplay.xyz/premiumtv/daddylive.php?id=55 IP 104.21.52.143 ASN #13335 CLOUDFLARENET Introduced by eventHandler Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 17:04 Times Seen2 Hash 9ce59ee1e9a901a6c81a7c1c05c8fa2d 153c04a8912187fd90a2bef630fb3c8166af4c93 0807efe1642cf1e7aaa358af774d640c0f11523a7ab3657620ded5460c376aa6 Loading...

	about:blank	ScriptElement	145 B	2025-06-07	2025-06-07
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 13d17983988f01f1053e8f4145368f7d 3817c28def3b55bdf950df79bbcb27ffc581bdd3 8bc287d9bd9eb6e296e787ae5f10bd959e97b2422a5b42c64ee1ab1579c2bc58 Loading...

	sportsloverss.online/?p=749	ScriptElement	139 B	2025-06-07	2025-06-07
Pretty URL sportsloverss.online/?p=749 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 68906034382c9bea40d57f11a71c3738 227a7c1c9353091a646b2bcee067cca6318798ac 25dc5a4485fc616c1c8a1d93c9886564598443a1e2c5c737b6c8ffebe9e2cf26 Loading...

	sportstreamslife.shop/player/stream-55.php	ScriptElement	28 kB	2025-06-07	2025-06-07
Pretty URL sportstreamslife.shop/player/stream-55.php IP 172.67.205.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 4684f3eec85e599e775303a9b8ceb170 7e2024a5b3a025fbcf812803f98625e6af5ba126 f43b35d1b5f2229f3d57538301380afb55d8a7a563beebf069409a0088ad6d2f Loading...

	madurird.com/tag.min.js	ScriptElement	1.0 kB	2025-06-05	2025-06-10
Pretty URL madurird.com/tag.min.js IP 139.45.197.106 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-05 17:29 Last Seen2025-06-10 09:56 Times Seen6 Hash 9b1f796fa2edbf121c20cc21b2d351fc d959806fb490d5bb006f03b56c783ce20e18b69d 1d76bf246b4b873c0fb7e58e8ec4cbb6f4dc6c247d9a09236a5483ea1e647c88 Loading...

	about:blank	JavascriptURL	5 B	2023-03-07	2025-06-16
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by javascriptURL Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-16 07:32 Times Seen27584 Hash 68934a3e9455fa72420237eb05902327 7cb6efb98ba5972a9b5090dc2e517fe14d12cb04 fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Loading...

	antiadblocksystems.com/qvxdrodikp?qMXhNAdT=BQOCAAAAAAAACZUAApOF_Bkgf2LNuyg9plwHnLGX_lPfmJxL3LqSZ943Y_accwpAC9mehnHxNylt6e6baBauORA9-5ROAmcnQxpaDWvAv-YyBEPDUruVkkOGbblVddLx0rnL-v4vr6zic11uUXIJBAqc74_k6LK9EUey3rMcTSWpAf11ymFx5i4KWJQ_SOl78ROHpts_YTKuH78f4Q3JsolzIFR0B-vhe62FOJtnYCF4SwSiXTRKqLYBH541uC3WavQHeYOyWeqqM3-stA5WDbjvDfcfG_ox0aTkT-qKYTywkETqyfx2P__tiJD3RJUTcen53fyTjE7pFb6XbSWmJ2Ka3t-BQUBtoOQ6ZjIU8YcHNwLvIZAfNpi97teLednGuZ7TZqYcZvNovq3IeJw0ELQ8EpBIic-pOXQOJfznGEE2kpdoBYoynzzTLdvfycehE64bWesWxyhedPXLgODh6qIN-kxUDrxfTzHwb7PKUqpeB5SWCnrpC_w3sjwymdnGq5ptNu9HtGIQr1luk5FPWVmFJimMQ73dRni0Lgbwx26OiPEuqF7qP351v3rGzoMR2qfXU_aIb1WYna1AkeuJPpXQdfrgWsN6EiGVX3QwjJEM44H4UhKacGyKF6p5BgrYl4VfhW_eKNchSZBq5UQJ4XYnRo2LawV430xMC0JVUa9MkA5Zq-Ns4j0R0qEBgHJFRbrxw1hczw9Xybi0x7qTt1DU6q1RscrfsKslfAAFqo8kp0-ZzRPIqGlkwftA1FwBknsmLEXllqGZibyd71VW5uQ1qITyJ1wc29zodJkHBs0M961e4RlekySklRV0ISXfGs97JM1e1WcmBSuK4ksERZZCfc1DnHCzZ9N6dfZ4g_VVM2Hjdz_HSGnSh7oXT8MwndanjyVlTCQCST0Uf4-zE_D0pgjaXKEgapAcwvQPqQ5TtzcHiZOw-qkOoBE51NZoOdan3GBReaXcadFf-0gjbzL6vSANSSb_vegcowCH2IJEbOi_kEeQmCm_1MHJtqQdNs8UGqEZXY4Y6tUfxRLk7kBQOQic1Ro5YjwqZf0Zlg-JCGZ_B6qUldpYstjV7VCG_V5o7N_XYm8yEyfCez7ZVrZgDPUWeNLEBCsmfFpXfed_kJKh-y-Z-6X1n71GKnsC0QyZ9KVHInAsBiThQE9pik5T6I6P7WMl-dd89sg38UtOnPxns4ry-7iGssLZ&ZuatvDox=4&jfsLeQqV=5204079&FXBQgcoq=&pqaPONMU=0,0&ozyBMOLb=&vKJDXMuk=&s=1280,1024,1,1280,1024,0	ScriptElement	44 B	2023-03-07	2025-06-16
Pretty URL antiadblocksystems.com/qvxdrodikp?qMXhNAdT=BQOCAAAAAAAACZUAApOF_Bkgf2LNuyg9plwHnLGX_lPfmJxL3LqSZ943Y_accwpAC9mehnHxNylt6e6baBauORA9-5ROAmcnQxpaDWvAv-YyBEPDUruVkkOGbblVddLx0rnL-v4vr6zic11uUXIJBAqc74_k6LK9EUey3rMcTSWpAf11ymFx5i4KWJQ_SOl78ROHpts_YTKuH78f4Q3JsolzIFR0B-vhe62FOJtnYCF4SwSiXTRKqLYBH541uC3WavQHeYOyWeqqM3-stA5WDbjvDfcfG_ox0aTkT-qKYTywkETqyfx2P__tiJD3RJUTcen53fyTjE7pFb6XbSWmJ2Ka3t-BQUBtoOQ6ZjIU8YcHNwLvIZAfNpi97teLednGuZ7TZqYcZvNovq3IeJw0ELQ8EpBIic-pOXQOJfznGEE2kpdoBYoynzzTLdvfycehE64bWesWxyhedPXLgODh6qIN-kxUDrxfTzHwb7PKUqpeB5SWCnrpC_w3sjwymdnGq5ptNu9HtGIQr1luk5FPWVmFJimMQ73dRni0Lgbwx26OiPEuqF7qP351v3rGzoMR2qfXU_aIb1WYna1AkeuJPpXQdfrgWsN6EiGVX3QwjJEM44H4UhKacGyKF6p5BgrYl4VfhW_eKNchSZBq5UQJ4XYnRo2LawV430xMC0JVUa9MkA5Zq-Ns4j0R0qEBgHJFRbrxw1hczw9Xybi0x7qTt1DU6q1RscrfsKslfAAFqo8kp0-ZzRPIqGlkwftA1FwBknsmLEXllqGZibyd71VW5uQ1qITyJ1wc29zodJkHBs0M961e4RlekySklRV0ISXfGs97JM1e1WcmBSuK4ksERZZCfc1DnHCzZ9N6dfZ4g_VVM2Hjdz_HSGnSh7oXT8MwndanjyVlTCQCST0Uf4-zE_D0pgjaXKEgapAcwvQPqQ5TtzcHiZOw-qkOoBE51NZoOdan3GBReaXcadFf-0gjbzL6vSANSSb_vegcowCH2IJEbOi_kEeQmCm_1MHJtqQdNs8UGqEZXY4Y6tUfxRLk7kBQOQic1Ro5YjwqZf0Zlg-JCGZ_B6qUldpYstjV7VCG_V5o7N_XYm8yEyfCez7ZVrZgDPUWeNLEBCsmfFpXfed_kJKh-y-Z-6X1n71GKnsC0QyZ9KVHInAsBiThQE9pik5T6I6P7WMl-dd89sg38UtOnPxns4ry-7iGssLZ&ZuatvDox=4&jfsLeQqV=5204079&FXBQgcoq=&pqaPONMU=0,0&ozyBMOLb=&vKJDXMuk=&s=1280,1024,1,1280,1024,0 IP 208.95.113.2 ASN #53334 TUT-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17 Last Seen2025-06-16 07:17 Times Seen9865 Hash d5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5 Loading...

	sportsloverss.online/wp-includes/js/comment-reply.min.js?ver=6.8.1	ScriptElement	3.0 kB	2024-11-13	2025-06-16
Pretty URL sportsloverss.online/wp-includes/js/comment-reply.min.js?ver=6.8.1 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-13 06:33 Last Seen2025-06-16 07:36 Times Seen4436 Hash e4a49df71f8b98c1d9f9d8fce74d89e8 b95fcda0c8c26305ad94e80343d0cfca8a048a10 9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f Loading...

	pl26816526.profitableratecpm.com/35/4f/fb/354ffbf35c2f9475466de6172547223c.js	ScriptElement	104 kB	2025-06-07	2025-06-07
Pretty URL pl26816526.profitableratecpm.com/35/4f/fb/354ffbf35c2f9475466de6172547223c.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 8a4010ac892affbc74f13494785f851b c9813697bef8bffb5cea38c93d0feb5ab1c75b4d 75e51b58944df3605637c5c878cafb6101aaf0df0e845f7b2ee6200248a97bbb Loading...

	tzegilo.com/stattag.js	ScriptElement	18 kB	2024-07-11	2025-06-16
Pretty URL tzegilo.com/stattag.js IP 172.67.193.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-11 16:28 Last Seen2025-06-16 01:29 Times Seen2243 Hash 01227f5edc20e0ff4ed643b27cb8bb68 d71a88f7341f2b1bdaa7deb9a66888607bd52598 75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2 Loading...

	allupplay.xyz/premiumtv/daddylive.php?id=55	ScriptElement	28 kB	2025-06-07	2025-06-07
Pretty URL allupplay.xyz/premiumtv/daddylive.php?id=55 IP 104.21.52.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 17:04 Times Seen2 Hash e23e0087ac9da04a39ff297a677664fb 943b057cbc01f7f096732f3cc4c034e0c58b71c3 15b5a410dcc8d900b401cfa5aafcd4ade664c4361b1b705d7cfce9aa3083a5da Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2025-01-25	2025-06-16
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 09:25 Last Seen2025-06-16 07:36 Times Seen1779 Hash 108625937affa4b38bb17cea65510d72 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0 Loading...

	allupplay.xyz/premiumtv/daddylive.php?id=55	EventHandler	9 B	2025-06-07	2025-06-07
Pretty URL allupplay.xyz/premiumtv/daddylive.php?id=55 IP 104.21.52.143 ASN #13335 CLOUDFLARENET Introduced by eventHandler Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 17:04 Times Seen2 Hash 7b6ccddc1add3f0914c11df1e7b67d8e 812501edbc68e8c911dc3e02fd3ce5d5ba4ae621 f8405fd396914dbb2d5581f30dcdc039bf7542655070b6b5006ffcd53cf6c97e Loading...

	www.highperformanceformat.com/f591db634d24e75b9d8ac135133ca656/invoke.js	ScriptElement	27 kB	2025-06-07	2025-06-07
Pretty URL www.highperformanceformat.com/f591db634d24e75b9d8ac135133ca656/invoke.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash c77ce69040f870fefa0afdadf4905fda 61353e0185ba7216c7bb19e00cc8e39efa384bb3 6a1f6e603d76dd70bf416e8a82f8d5e96ea6dd96e6afd93b84639cffe7ee64df Loading...

	sportsloverss.online/?p=749	ScriptElement	139 B	2025-06-07	2025-06-07
Pretty URL sportsloverss.online/?p=749 IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:55 Last Seen2025-06-07 16:55 Times Seen1 Hash 68906034382c9bea40d57f11a71c3738 227a7c1c9353091a646b2bcee067cca6318798ac 25dc5a4485fc616c1c8a1d93c9886564598443a1e2c5c737b6c8ffebe9e2cf26 Loading...

HTTP Transactions (148)

URL IP Response Size

cdn.show-sb.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html

172.67.170.115

200 OK

1.5 kB

URL GET
cdn.show-sb.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
IP
172.67.170.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectshow-sb.com
Fingerprint1D:98:CF:D5:11:E1:60:97:76:85:27:F9:55:AF:5E:13:60:3F:67:B7
ValidityMon, 14 Apr 2025 03:51:48 GMT - Sun, 13 Jul 2025 04:50:09 GMT

File type
HTML document, ASCII text
Size
1.5 kB (1545 bytes)
Hash
3f8de4c280d2d48e8418a562095ac7e4
3dc3e5bc655dcd0ff5b045b147c28398e07b6e4d
54358796e1fc6b065f33194b7e4f02b43fc28050a3d64e482e59f4251d06fc15

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: text/html
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mzZEOl9imDWDUBqeeDCaG7Duay5c%2B%2FOGbd2ChL%2FUG2pzdu1JeEIAaHc3zOU%2BJzKExNYi0FbxymiTiCbx%2BsWRP%2BiYstd%2FBOT%2F59oOEk4%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94c1ad532c25b4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

grookilteepsou.net/event

139.45.197.122

200 OK

0 B

URL OPTIONS
grookilteepsou.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

4.adsco.re/

162.252.214.5

200 OK

45 B

URL GET
4.adsco.re/
IP
162.252.214.5:443
ASN
#53334 TUT-AS

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 07 Jun 2025 16:55:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://sportsloverss.online
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip

xk0qpywuw9gy.n4.adsco.re/

38.132.109.126

200 OK

0 B

URL POST
xk0qpywuw9gy.n4.adsco.re/
IP
38.132.109.126:443
ASN
#9009 M247 Europe SRL

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subject*.n4.adsco.re
FingerprintA4:A0:A6:46:DF:45:B1:CC:DD:05:80:89:4C:8B:F3:44:48:A8:D5:89
ValidityMon, 19 May 2025 09:14:22 GMT - Sun, 17 Aug 2025 09:14:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: xk0qpywuw9gy.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:27 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

www.highperformanceformat.com/f591db634d24e75b9d8ac135133ca656/invoke.js

172.240.127.234

200 OK

27 kB

URL GET
www.highperformanceformat.com/f591db634d24e75b9d8ac135133ca656/invoke.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjecthighperformanceformat.com
Fingerprint0D:9E:3E:81:0C:42:53:B9:28:FB:59:10:B5:41:9D:C8:F5:17:CE:E5
ValiditySun, 13 Apr 2025 21:41:53 GMT - Sat, 12 Jul 2025 21:41:52 GMT

File type
JavaScript source, ASCII text, with very long lines (27417), with no line terminators
Size
27 kB (27417 bytes)
Hash
c77ce69040f870fefa0afdadf4905fda
61353e0185ba7216c7bb19e00cc8e39efa384bb3
6a1f6e603d76dd70bf416e8a82f8d5e96ea6dd96e6afd93b84639cffe7ee64df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f591db634d24e75b9d8ac135133ca656/invoke.js HTTP/1.1
Host: www.highperformanceformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Jun 2025 16:55:22 GMT
Content-Type: application/javascript
Content-Length: 11507
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 1
Host: www.highperformanceformat.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 55cda8d1fe82e0153712effa99ba1ff3
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

nannyirrationalacquainted.com/watch.234889704762.js?key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&tz=0&dev=e&res=14.3095&rb=&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1

192.243.61.227

307 Temporary Redirect

5.0 kB

URL GET
nannyirrationalacquainted.com/watch.234889704762.js?key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&tz=0&dev=e&res=14.3095&rb=&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectnannyirrationalacquainted.com
Fingerprint02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
ValiditySun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT

File type

Size
5.0 kB (4990 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.234889704762.js?key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&tz=0&dev=e&res=14.3095&rb=&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 07 Jun 2025 16:55:26 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sportsloverss.online
Access-Control-Allow-Origin: https://sportsloverss.online
Access-Control-Allow-Credentials: true
Location: https://nannyirrationalacquainted.com/watch.234889704762.js?dev=e&key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&pst=1749315386&rb=&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&res=14.3095&rmtc=t&shu=be0c3c21fdcca57e99ac28b892be5600b79d8ad7419e7a3378f3467e9b22ffb007b5453a6f165e98302fce402a99c7667775c632d7770b4cc5832c71e41946ffcba5523ebbe85fdfb4f0e3a8a5f17d8f96139ad2398fef6c3e3193&tz=0&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNjcxNjAzOCwiayI6ImY1OTFkYjYzNGQyNGU3NWI5ZDhhYzEzNTEzM2NhNjU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0OTc5ODE0LCJwaWQiOjI3MzI3NzYsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6MjMsInB0Ijo0LCJwayI6InFlejZ0ZWE5YnkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3BvcnRzbG92ZXJzcy5vbmxpbmUvP3A9NzQ5IiwiYXIiOltdfX0.zY-y2LBrPmXd5JXmCMSKqbOJ7NFSA0i-2TTXroepZMY; expires=Sat, 07 Jun 2025 16:56:26 GMT; path=/; secure; SameSite=None
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 12ef67daaa7b964a945a0286f3e2f3e6
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

c.adsco.re/#0.3737729070769885

104.17.166.186

200 OK

79 kB

URL GET
c.adsco.re/#0.3737729070769885
IP
104.17.166.186:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (689)
Size
79 kB (79103 bytes)
Hash
f0e71ebb1e2c90b307c171052ca517d0
1a1950b1868c0bfb8629f6f81b81439160727a79
adbce95b9ac0da66ea3a1d707494d9c74876e1c9186c446b4b5a22d15adc1ee5

HTTP Headers

GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 16:55:27 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Tue, 08 Jul 2025 16:55:27 GMT
etag: W/"8Oceux4skLMHwXEFLKUX0A=="
content-encoding: gzip
cf-cache-status: HIT
age: 221388
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 94c1ad5c1b2e568a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

allupplay.xyz/blast.js

104.21.52.143

200 OK

78 kB

URL GET
allupplay.xyz/blast.js
IP
104.21.52.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://allupplay.xyz/premiumtv/daddylive.php?id=55
Certificate
IssuerGoogle Trust Services
Subjectallupplay.xyz
Fingerprint00:AB:B0:47:51:B0:95:B9:9F:43:47:9F:5C:0D:F2:B8:99:EC:61:D3
ValidityWed, 16 Apr 2025 17:09:26 GMT - Tue, 15 Jul 2025 18:07:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
78 kB (77888 bytes)
Hash
091faec928970e76d37a3601c19fcf8a
6441e8eebe90eb8d4a40e7c25440ff99caba3520
eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12

HTTP Headers

GET /blast.js HTTP/1.1
Host: allupplay.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allupplay.xyz/premiumtv/daddylive.php?id=55
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 16:55:25 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSoenkyQVPUTHz%2BnpqOxTuw6su%2Fz8PNEjunnAA3qy3jJnYpraMJvuB%2B5vXW6IEqgdyfnUQm2UeNsyQT%2FTHasCWB5tO%2Fruz2dqlRqaWeNXrGir69zCoLPOQZvRPQuYYB6"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 17 Oct 2024 06:47:40 GMT
etag: W/"6710b30c-13040"
access-control-allow-origin: *
age: 4793
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94c1ad4dac7eb4ff-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3733&min_rtt=774&rtt_var=1825&sent=54&recv=60&lost=0&retrans=0&sent_bytes=6652&recv_bytes=4090&delivery_rate=563572&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=8a49994fca55c1d4&ts=759&inflight_dur=60&x=80"

top2new.newkso.ru/auth.php?channel_id=premium55&ts=1749315324&rnd=ada9f385&sig=20bc11d1f124a88deac1bc00c5b9bdd5dc5d43336262c280492d33278ec48a48

104.21.45.220

200 OK

15 B

URL GET
top2new.newkso.ru/auth.php?channel_id=premium55&ts=1749315324&rnd=ada9f385&sig=20bc11d1f124a88deac1bc00c5b9bdd5dc5d43336262c280492d33278ec48a48
IP
104.21.45.220:443
ASN
#13335 CLOUDFLARENET

Requested by
https://allupplay.xyz/premiumtv/daddylive.php?id=55
Certificate
IssuerGoogle Trust Services
Subjectnewkso.ru
Fingerprint78:B2:4A:4F:8C:08:64:EB:8E:09:91:88:03:A6:48:32:B4:4C:06:29
ValidityFri, 30 May 2025 17:30:46 GMT - Thu, 28 Aug 2025 18:29:06 GMT

File type
JSON text data
Size
15 B (15 bytes)
Hash
0f0479874bf6f4a7281099b15df27c27
55a490e280d48996e564d00492437eb17faadd28
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

HTTP Headers

GET /auth.php?channel_id=premium55&ts=1749315324&rnd=ada9f385&sig=20bc11d1f124a88deac1bc00c5b9bdd5dc5d43336262c280492d33278ec48a48 HTTP/1.1
Host: top2new.newkso.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allupplay.xyz/
Origin: https://allupplay.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:25 GMT
content-type: application/json
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, no-store, must-revalidate
a-php-lb-cache: MISS
x-lb-cache: MISS
cf-cache-status: MISS
last-modified: Sat, 07 Jun 2025 16:55:25 GMT
vary: accept-encoding
access-control-allow-origin: *
no-cache: no-cache
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9bsy1%2BCFv5YZPPruuKIWP4JpmoKJR39RqqlmSd7gzleORXMuE%2BlhFxVSSbYhkjUZHj5AJYGXzBlUXwKuCVFLje6KElw5BdWKedRApo8LCg%3D%3D"}]}
content-encoding: br
cf-ray: 94c1ad4ecadb56a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

grookilteepsou.net/event

139.45.197.122

200 OK

81 B

URL POST
grookilteepsou.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type
JSON text data
Size
81 B (81 bytes)
Hash
1c18268d0ddefeba01ac34d663e26784
736934ef2b8fa3e8b9cc369e6efb25076c4c66d3
a11f6f05ed451c64591e33b9c7fb6bda7f3d7e6edbac7ba43823d8f216aa1a9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportsloverss.online/
Content-Type: application/json
Content-Length: 366
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js

188.114.97.1

200 OK

386 B

URL GET
cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
ASCII text
Size
386 B (386 bytes)
Hash
5ca8c1679ba9453cfa512e01d6fec9c5
45628341eb20e4acee5e812d3b2dfc8f23962daf
520a0196a18cbe656f7382a02ec828125e68bdac511b9ebe2bf27f31e262d037

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: application/javascript
content-length: 386
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "65aa8566-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 245116
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=bmSjrKAlcXzBCnHbTPffO%2BWdyQdeVKMt3O8ZUDXT4GaZu0RtpxRT9lu6%2FAZU1blpspw%2FBAIbneMXsHrKQh8giSzTcoR2v%2BZ9mAXxkfWEQXPapoZP"}]}
cf-ray: 94c1ad590fc456b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jun 2025 00:24:14 GMT
expires: Sat, 06 Jun 2026 00:24:14 GMT
cache-control: public, max-age=31536000
age: 145875
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

wearychallengeraise.com/pixel/pure

192.243.59.13

200 OK

0 B

URL POST
wearychallengeraise.com/pixel/pure
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectwearychallengeraise.com
Fingerprint59:0D:D9:8E:52:01:C0:D1:1E:83:C9:8F:D9:E2:AA:FF:AF:B7:B8:51
ValiditySun, 20 Apr 2025 03:17:43 GMT - Sat, 19 Jul 2025 03:17:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /pixel/pure HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:24 GMT
Content-Length: 0
Connection: keep-alive
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

sportsloverss.online/wp-content/themes/newspaperly/js/jquery.flexslider.js?ver=20150423

104.21.80.1

200 OK

55 kB

URL GET
sportsloverss.online/wp-content/themes/newspaperly/js/jquery.flexslider.js?ver=20150423
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
55 kB (54630 bytes)
Hash
d164ed31a1f030cca772428fbc4a353b
f6791145eb6527492ffe8d147b12571a88a26b76
9f9b8303b4fdf50f85f63fb85b80e9be5d88f6de1e7440bf03380cb9d717ce4a

HTTP Headers

GET /wp-content/themes/newspaperly/js/jquery.flexslider.js?ver=20150423 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/javascript
server: cloudflare
last-modified: Tue, 27 May 2025 08:29:56 GMT
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UwhQv45S%2F1UkUJ4p71cttRJKgtyXA0xuTjz9U6EcDxD%2BDe7LOSGOS2%2FhDi5YmQTZ67EvJtLAuapjgRIbjME5D3votbfQK%2F7Fdtiy7WTK1kqKsw%3D%3D"}]}
age: 6357
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94c1ad39696956c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sportstreamslife.shop/player/stream-55.php

172.67.205.180

200 OK

234 kB

URL GET
sportstreamslife.shop/player/stream-55.php
IP
172.67.205.180:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportstreamslife.shop
Fingerprint04:9B:26:F4:23:A9:47:4B:15:CD:89:EE:F0:A9:C5:34:2B:48:D6:5C
ValidityFri, 02 May 2025 09:15:06 GMT - Thu, 31 Jul 2025 10:12:47 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (47382), with LF, NEL line terminators
Size
234 kB (233763 bytes)
Hash
73a5f6cbf00ca0247156b7328cba79ef
328f82118fd637e5cc3836264ff570a67a282533
950071cf7b9a7b95beecc48ce597eb45872908dd9d5ef2ce96d30bf4fd3dfe8f

HTTP Headers

GET /player/stream-55.php HTTP/1.1
Host: sportstreamslife.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:23 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=iZymb5pG4lzHhwdVdJKr2wJ6TQuqcW4yaws8LrB8xc8nxUeH8g1XTZDH22Kl7ows7jDS5w5B2JE3UfEGqqGZQbuUKlLUrtMzYSYupJS0PhGRIO4%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94c1ad3f2bbdb4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

madurird.com/tag.min.js

139.45.197.106

200 OK

108 kB

URL GET
madurird.com/tag.min.js
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://allupplay.xyz/premiumtv/daddylive.php?id=55
Certificate
IssuerLet's Encrypt
Subjectmadurird.com
FingerprintE6:F5:25:47:3F:87:05:23:96:F8:35:FA:1C:BC:79:F8:B3:85:26:2D
ValiditySat, 19 Apr 2025 05:46:37 GMT - Fri, 18 Jul 2025 05:46:36 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
108 kB (107527 bytes)
Hash
73217dbc1f4a40490924d207f9954b68
36dec7c4513fb9a90109340e387e9a74d683ef20
70e626751e2ecfb9bb2602d111d7aec443f0fa5595bf2002278d00c612b3d9a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: madurird.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allupplay.xyz/
Cookie: OAID=0081e1ead1bb4924fdbc04a807bf4fb2; oaidts=1749315321
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: application/javascript
x-trace-id: 97e3da6aac7e315a6c3feeb456e62e49
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

grookilteepsou.net/event

139.45.197.122

200 OK

81 B

URL POST
grookilteepsou.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type
JSON text data
Size
81 B (81 bytes)
Hash
ca53211ef1ebbb2754fa98f5ae20bb5c
fe5136e13b6a419cf428a8957a68b123dbb30339
ffe350b8073ebb56cf8ec765a4d89795b17b7401c2fce9c5bf14177fc0e79367

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportsloverss.online/
Content-Type: application/json
Content-Length: 877
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06d21dcb-72bb-4ce2-9a1e-045151fd9a6b

139.45.195.252

200 OK

0 B

URL POST
fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06d21dcb-72bb-4ce2-9a1e-045151fd9a6b
IP
139.45.195.252:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0
ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06d21dcb-72bb-4ce2-9a1e-045151fd9a6b HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1155
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Sat, 07 Jun 2025 16:55:28 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://sportsloverss.online
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

roagrofoogrobo.com/impression/ALiqoxgfY0CBaUj88xy1MAZXOwn9GzfSjD8OpIwBbD6gvfZnYjDEBMmEoNU9mNTvbAdveoJG1WJ4XdYiaszcaQc3DDcqoGk10e8NppiQLz8xRJFJXc0h5KgWqAif0tpe_hpqrEJMygJiBf99MM_QG71_5YZqgav50ZDL208FEJuNpS5Fk0cIyesvJmfdwq9K6eZRb_3zJxHHtVHhdqGpF44kjjre-PeUNuknAf36KYIX8HZwDrs9d3VPBzCsdi9JSbwPq2kU8GnoTRnf4EW4n_8B8BiYc5VLWebb-dDSenRjh6bQWL_WX8GFM7YVD5D7UnjryagcursvH1-3JtDYbvVqE3t8K65D_rOBDX7zkpQzc1cFZu4GUg3Z5G_kboSqqFqvh_1P27bL6tTP5mP9gaVGyuRYAim4-JZzlE3QnImPnlZA4L9zC5Gl9EYAjGS3r818b1Ot6f8fBStUHAxvOF2gyH9cYOy05iF1NRr0-LpYIx1JIkdc1goCe8-ynlGNrYNgIQ50afVDzza8krcllAfKiN_r6ukzh77xDedGR_O6hJbPwKOeUlWhQK2Rpa-XOFWdNxo-YowYhaHn7_XH7JGWyGUFmCiv7dOCLsoftAKv8YQ3Tbo4IaRLhUNksIBnwpoqfTDAsUUD86c8ly5AV1LTCiVKB2T0dahasyE4mY-K1x5cGA6PHYrJM0Z9qwF2L0czLKs_wPvXhPMEWydb7UpUET0j65zDJjK0mXvSvUN2SUUP-npSiaqdDv_ShpIcWorqPR1wmO0cpLorXoJR9Xysc2okKHUm6MMZIbwklbc4xZzZVL_SIv2VRNa4XoY4VnnVnzMWk2A=?_z=9407005&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.107

200 OK

43 B

URL GET
roagrofoogrobo.com/impression/ALiqoxgfY0CBaUj88xy1MAZXOwn9GzfSjD8OpIwBbD6gvfZnYjDEBMmEoNU9mNTvbAdveoJG1WJ4XdYiaszcaQc3DDcqoGk10e8NppiQLz8xRJFJXc0h5KgWqAif0tpe_hpqrEJMygJiBf99MM_QG71_5YZqgav50ZDL208FEJuNpS5Fk0cIyesvJmfdwq9K6eZRb_3zJxHHtVHhdqGpF44kjjre-PeUNuknAf36KYIX8HZwDrs9d3VPBzCsdi9JSbwPq2kU8GnoTRnf4EW4n_8B8BiYc5VLWebb-dDSenRjh6bQWL_WX8GFM7YVD5D7UnjryagcursvH1-3JtDYbvVqE3t8K65D_rOBDX7zkpQzc1cFZu4GUg3Z5G_kboSqqFqvh_1P27bL6tTP5mP9gaVGyuRYAim4-JZzlE3QnImPnlZA4L9zC5Gl9EYAjGS3r818b1Ot6f8fBStUHAxvOF2gyH9cYOy05iF1NRr0-LpYIx1JIkdc1goCe8-ynlGNrYNgIQ50afVDzza8krcllAfKiN_r6ukzh77xDedGR_O6hJbPwKOeUlWhQK2Rpa-XOFWdNxo-YowYhaHn7_XH7JGWyGUFmCiv7dOCLsoftAKv8YQ3Tbo4IaRLhUNksIBnwpoqfTDAsUUD86c8ly5AV1LTCiVKB2T0dahasyE4mY-K1x5cGA6PHYrJM0Z9qwF2L0czLKs_wPvXhPMEWydb7UpUET0j65zDJjK0mXvSvUN2SUUP-npSiaqdDv_ShpIcWorqPR1wmO0cpLorXoJR9Xysc2okKHUm6MMZIbwklbc4xZzZVL_SIv2VRNa4XoY4VnnVnzMWk2A=?_z=9407005&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectroagrofoogrobo.com
FingerprintC7:CB:1C:71:86:21:01:54:9C:53:21:D6:A5:5E:65:12:E9:E8:E6:6B
ValidityTue, 13 May 2025 05:45:01 GMT - Mon, 11 Aug 2025 05:45:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/ALiqoxgfY0CBaUj88xy1MAZXOwn9GzfSjD8OpIwBbD6gvfZnYjDEBMmEoNU9mNTvbAdveoJG1WJ4XdYiaszcaQc3DDcqoGk10e8NppiQLz8xRJFJXc0h5KgWqAif0tpe_hpqrEJMygJiBf99MM_QG71_5YZqgav50ZDL208FEJuNpS5Fk0cIyesvJmfdwq9K6eZRb_3zJxHHtVHhdqGpF44kjjre-PeUNuknAf36KYIX8HZwDrs9d3VPBzCsdi9JSbwPq2kU8GnoTRnf4EW4n_8B8BiYc5VLWebb-dDSenRjh6bQWL_WX8GFM7YVD5D7UnjryagcursvH1-3JtDYbvVqE3t8K65D_rOBDX7zkpQzc1cFZu4GUg3Z5G_kboSqqFqvh_1P27bL6tTP5mP9gaVGyuRYAim4-JZzlE3QnImPnlZA4L9zC5Gl9EYAjGS3r818b1Ot6f8fBStUHAxvOF2gyH9cYOy05iF1NRr0-LpYIx1JIkdc1goCe8-ynlGNrYNgIQ50afVDzza8krcllAfKiN_r6ukzh77xDedGR_O6hJbPwKOeUlWhQK2Rpa-XOFWdNxo-YowYhaHn7_XH7JGWyGUFmCiv7dOCLsoftAKv8YQ3Tbo4IaRLhUNksIBnwpoqfTDAsUUD86c8ly5AV1LTCiVKB2T0dahasyE4mY-K1x5cGA6PHYrJM0Z9qwF2L0czLKs_wPvXhPMEWydb7UpUET0j65zDJjK0mXvSvUN2SUUP-npSiaqdDv_ShpIcWorqPR1wmO0cpLorXoJR9Xysc2okKHUm6MMZIbwklbc4xZzZVL_SIv2VRNa4XoY4VnnVnzMWk2A=?_z=9407005&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: roagrofoogrobo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: OAID=0081e15845a4400be196798785c7a553
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:29 GMT
content-type: image/gif
content-length: 43
x-trace-id: 476935cfe4fe436e07c204d8b8af2cfe
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

pl26816526.profitableratecpm.com/35/4f/fb/354ffbf35c2f9475466de6172547223c.js

172.240.108.84

200 OK

104 kB

URL GET
pl26816526.profitableratecpm.com/35/4f/fb/354ffbf35c2f9475466de6172547223c.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectprofitableratecpm.com
FingerprintF0:1C:19:8E:0A:66:67:96:FE:65:D1:76:02:CD:A0:DD:D4:3B:88:9E
ValidityFri, 06 Jun 2025 21:52:23 GMT - Thu, 04 Sep 2025 21:52:22 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
104 kB (104451 bytes)
Hash
8a4010ac892affbc74f13494785f851b
c9813697bef8bffb5cea38c93d0feb5ab1c75b4d
75e51b58944df3605637c5c878cafb6101aaf0df0e845f7b2ee6200248a97bbb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /35/4f/fb/354ffbf35c2f9475466de6172547223c.js HTTP/1.1
Host: pl26816526.profitableratecpm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Jun 2025 16:55:22 GMT
Content-Type: application/javascript
Content-Length: 32756
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 9
Host: pl26816526.profitableratecpm.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: f9f3220c8225c3ba8341c6e668b2ab35
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

vaimucuvikuwu.net/?rb=WI4F1EW5QBvUUv4OZDwVIbAqdyuQufrlsN4U8jguW48yRb0xZ29f4YAurETEN2x74Ug8zWWOY2oZiHNOMjRDVPzLlRkvXNGHZRQ1f7NoeC9DSh6ohDeqcAE_jqOTJcDjk0cIKsusDxzrKOs_8XaqnU4DocV05gSaEEjyTwj3UvGHjzuROMrrTFgS67IwoL6lLxB4g2DtIgcLPfytVRx5D4K2g5LNgodWzGpMOWykSVe7ch5ZjY88ze2hyoGqEj0VLcofi5Ty9oD5yCbhuURLsIWp1nrSj_CMAE6QHht7hMK3sTdmB6iPug%3D%3D&request_ab2=0&zoneid=9407004&js_build=iclick-v1.1456.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=-1&wgl=llvmpipe&js_build=iclick-v1.1456.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=29b2d1af-bfa8-45cc-8447-7711298c35e2&wasm=1&userId=0081e15845a4400be196798785c7a553&m=link

139.45.197.106

200 OK

3.3 kB

URL GET
vaimucuvikuwu.net/?rb=WI4F1EW5QBvUUv4OZDwVIbAqdyuQufrlsN4U8jguW48yRb0xZ29f4YAurETEN2x74Ug8zWWOY2oZiHNOMjRDVPzLlRkvXNGHZRQ1f7NoeC9DSh6ohDeqcAE_jqOTJcDjk0cIKsusDxzrKOs_8XaqnU4DocV05gSaEEjyTwj3UvGHjzuROMrrTFgS67IwoL6lLxB4g2DtIgcLPfytVRx5D4K2g5LNgodWzGpMOWykSVe7ch5ZjY88ze2hyoGqEj0VLcofi5Ty9oD5yCbhuURLsIWp1nrSj_CMAE6QHht7hMK3sTdmB6iPug%3D%3D&request_ab2=0&zoneid=9407004&js_build=iclick-v1.1456.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=-1&wgl=llvmpipe&js_build=iclick-v1.1456.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=29b2d1af-bfa8-45cc-8447-7711298c35e2&wasm=1&userId=0081e15845a4400be196798785c7a553&m=link
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectvaimucuvikuwu.net
Fingerprint15:95:D1:15:85:3D:65:BC:01:C6:97:22:A4:FB:38:F6:51:41:16:60
ValidityTue, 13 May 2025 05:39:41 GMT - Mon, 11 Aug 2025 05:39:40 GMT

File type
JSON text data
Size
3.3 kB (3271 bytes)
Hash
f8f197e8e7d87b6f4a549957e1de0942
cc4d37e3f9f2de0e48f7d4d43d50d59ec2b42439
a4905a59591f63d09ac8c49546a5074fb9ecfe0a9d1d5aeb547867f537f313df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=WI4F1EW5QBvUUv4OZDwVIbAqdyuQufrlsN4U8jguW48yRb0xZ29f4YAurETEN2x74Ug8zWWOY2oZiHNOMjRDVPzLlRkvXNGHZRQ1f7NoeC9DSh6ohDeqcAE_jqOTJcDjk0cIKsusDxzrKOs_8XaqnU4DocV05gSaEEjyTwj3UvGHjzuROMrrTFgS67IwoL6lLxB4g2DtIgcLPfytVRx5D4K2g5LNgodWzGpMOWykSVe7ch5ZjY88ze2hyoGqEj0VLcofi5Ty9oD5yCbhuURLsIWp1nrSj_CMAE6QHht7hMK3sTdmB6iPug%3D%3D&request_ab2=0&zoneid=9407004&js_build=iclick-v1.1456.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=-1&wgl=llvmpipe&js_build=iclick-v1.1456.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=29b2d1af-bfa8-45cc-8447-7711298c35e2&wasm=1&userId=0081e15845a4400be196798785c7a553&m=link HTTP/1.1
Host: vaimucuvikuwu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:23 GMT
content-type: application/json
x-trace-id: cff4ae77732fed3e9db017b11e3c4608
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0081e15845a4400be196798785c7a553; expires=Sun, 07 Jun 2026 16:55:23 GMT; path=/; secure; SameSite=None
oaidts=1749315323; expires=Sun, 07 Jun 2026 16:55:23 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 14 Jun 2025 16:55:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

experttrafficcounter.com/stats

52.58.57.192

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.58.57.192:443
ASN
#16509 AMAZON-02

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
35abd0a31f4df1c99fd5008c11d9c06c
2d1eee132ca4787e6bae1f5f9be87b6f91874ba6
80da363a42cdd72a14e88fa4467b50f1e7a197a19fa7291c18b5bfa464d96ce8

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sportsloverss.online
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=469bb474-1dc1-48d2-a2ea-7d0fa8499f40:1:1; expires=Tue, 05 Jun 2035 16:55:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ht.escinsuper.com/rG2eVOfCrjcQ/69521

23.109.170.241

200 OK

5 B

URL GET
ht.escinsuper.com/rG2eVOfCrjcQ/69521
IP
23.109.170.241:443
ASN
#7979 SERVERS-COM

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerLet's Encrypt
Subjectht.escinsuper.com
Fingerprint79:8E:ED:BD:CB:E5:C6:77:30:01:D8:35:A8:14:E2:F0:BC:85:7A:A8
ValidityThu, 29 May 2025 08:19:33 GMT - Wed, 27 Aug 2025 08:19:32 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
848667c49f5d3aef59cd65ed276cd7ae
bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763
cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rG2eVOfCrjcQ/69521 HTTP/1.1
Host: ht.escinsuper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 07 Jun 2025 16:55:23 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sportstreamslife.shop
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Sun, 08-Jun-2025 16:55:23 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 08-Jun-2025 16:55:23 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

grookilteepsou.net/pfe/current/tag.min.js?z=9407008

139.45.197.122

200 OK

30 kB

URL GET
grookilteepsou.net/pfe/current/tag.min.js?z=9407008
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type
JavaScript source, ASCII text, with very long lines (30518), with no line terminators
Size
30 kB (30518 bytes)
Hash
ea344cacad695cc8a96477c34e1d1d1a
44e894d95c07788e3bef8175a08fd05510039dd6
82d69723d1f6f20542503a907e66a32b82d29d1ed1bc8662238aaf2d937f3890

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/tag.min.js?z=9407008 HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: application/javascript
last-modified: Wed, 28 May 2025 11:32:38 GMT
etag: W/"6836f456-7736"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

vaimucuvikuwu.net/wrr?z=9407004&p_rid=29b2d1af-bfa8-45cc-8447-7711298c35e2&rb=WI4F1EW5QBvUUv4OZDwVIbAqdyuQufrlsN4U8jguW48yRb0xZ29f4YAurETEN2x74Ug8zWWOY2oZiHNOMjRDVPzLlRkvXNGHZRQ1f7NoeC9DSh6ohDeqcAE_jqOTJcDjk0cIKsusDxzrKOs_8XaqnU4DocV05gSaEEjyTwj3UvGHjzuROMrrTFgS67IwoL6lLxB4g2DtIgcLPfytVRx5D4K2g5LNgodWzGpMOWykSVe7ch5ZjY88ze2hyoGqEj0VLcofi5Ty9oD5yCbhuURLsIWp1nrSj_CMAE6QHht7hMK3sTdmB6iPug==&dmn=&userId=0081e15845a4400be196798785c7a553

139.45.197.106

204 No Content

0 B

URL POST
vaimucuvikuwu.net/wrr?z=9407004&p_rid=29b2d1af-bfa8-45cc-8447-7711298c35e2&rb=WI4F1EW5QBvUUv4OZDwVIbAqdyuQufrlsN4U8jguW48yRb0xZ29f4YAurETEN2x74Ug8zWWOY2oZiHNOMjRDVPzLlRkvXNGHZRQ1f7NoeC9DSh6ohDeqcAE_jqOTJcDjk0cIKsusDxzrKOs_8XaqnU4DocV05gSaEEjyTwj3UvGHjzuROMrrTFgS67IwoL6lLxB4g2DtIgcLPfytVRx5D4K2g5LNgodWzGpMOWykSVe7ch5ZjY88ze2hyoGqEj0VLcofi5Ty9oD5yCbhuURLsIWp1nrSj_CMAE6QHht7hMK3sTdmB6iPug==&dmn=&userId=0081e15845a4400be196798785c7a553
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectvaimucuvikuwu.net
Fingerprint15:95:D1:15:85:3D:65:BC:01:C6:97:22:A4:FB:38:F6:51:41:16:60
ValidityTue, 13 May 2025 05:39:41 GMT - Mon, 11 Aug 2025 05:39:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /wrr?z=9407004&p_rid=29b2d1af-bfa8-45cc-8447-7711298c35e2&rb=WI4F1EW5QBvUUv4OZDwVIbAqdyuQufrlsN4U8jguW48yRb0xZ29f4YAurETEN2x74Ug8zWWOY2oZiHNOMjRDVPzLlRkvXNGHZRQ1f7NoeC9DSh6ohDeqcAE_jqOTJcDjk0cIKsusDxzrKOs_8XaqnU4DocV05gSaEEjyTwj3UvGHjzuROMrrTFgS67IwoL6lLxB4g2DtIgcLPfytVRx5D4K2g5LNgodWzGpMOWykSVe7ch5ZjY88ze2hyoGqEj0VLcofi5Ty9oD5yCbhuURLsIWp1nrSj_CMAE6QHht7hMK3sTdmB6iPug==&dmn=&userId=0081e15845a4400be196798785c7a553 HTTP/1.1
Host: vaimucuvikuwu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportsloverss.online/
content-type: application/json
Content-Length: 2607
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 07 Jun 2025 16:55:23 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

sportstreamslife.shop/player/stream-55.php

172.67.205.180

200 OK

0 B

URL HEAD
sportstreamslife.shop/player/stream-55.php
IP
172.67.205.180:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerGoogle Trust Services
Subjectsportstreamslife.shop
Fingerprint04:9B:26:F4:23:A9:47:4B:15:CD:89:EE:F0:A9:C5:34:2B:48:D6:5C
ValidityFri, 02 May 2025 09:15:06 GMT - Thu, 31 Jul 2025 10:12:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /player/stream-55.php HTTP/1.1
Host: sportstreamslife.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/player/stream-55.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TrnAnAuAAfI%2B%2BGt2tcMLcASRVRAC%2BIP80Sba2mYgpuOroWdhAoaR18fvwF5im6pkafQxHEBUza%2FB7GSG5Ti2k9lBigimKz0y1k6wCBahiZFBw3QAetlUiIC%2BjEWg3l%2BgVoH%2BXE%2BtfRg%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94c1ad485a39b4eb-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2877&min_rtt=605&rtt_var=1627&sent=117&recv=146&lost=0&retrans=0&sent_bytes=9505&recv_bytes=8393&delivery_rate=656852&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=62d30529655ccbe8&ts=1381&inflight_dur=14&x=80"

ocartoukseeli.net/tag.min.js

0.0.0.0

0 B

URL GET
ocartoukseeli.net/tag.min.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://sportstreamslife.shop/player/stream-55.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: ocartoukseeli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

wearychallengeraise.com/watch.1408098155644.js?key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&tz=0&dev=e&res=14.3095&rb=&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1

192.243.59.13

307 Temporary Redirect

5.0 kB

URL GET
wearychallengeraise.com/watch.1408098155644.js?key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&tz=0&dev=e&res=14.3095&rb=&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectwearychallengeraise.com
Fingerprint59:0D:D9:8E:52:01:C0:D1:1E:83:C9:8F:D9:E2:AA:FF:AF:B7:B8:51
ValiditySun, 20 Apr 2025 03:17:43 GMT - Sat, 19 Jul 2025 03:17:42 GMT

File type

Size
5.0 kB (4982 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1408098155644.js?key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&tz=0&dev=e&res=14.3095&rb=&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:25 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sportsloverss.online
Access-Control-Allow-Origin: https://sportsloverss.online
Access-Control-Allow-Credentials: true
Location: https://wearychallengeraise.com/watch.1408098155644.js?dev=e&key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&pst=1749315385&rb=&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&res=14.3095&rmtc=t&shu=801348678f619bd744854b9562966b39aa37ee088e498185cff7fe74b5b3d15b239b0dc0eb35e6369e297086f386911e09251336f27f8a9f4d29e1c43abb1cfaeca13aa380a74fd43c9ef3cc873936c2a731834e646bb1e7f76e20&tz=0&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNjcxNjAzOCwiayI6ImY1OTFkYjYzNGQyNGU3NWI5ZDhhYzEzNTEzM2NhNjU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0OTc5ODE0LCJwaWQiOjI3MzI3NzYsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6MjMsInB0Ijo0LCJwayI6InFlejZ0ZWE5YnkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3BvcnRzbG92ZXJzcy5vbmxpbmUvP3A9NzQ5IiwiYXIiOltdfX0.zY-y2LBrPmXd5JXmCMSKqbOJ7NFSA0i-2TTXroepZMY; expires=Sat, 07 Jun 2025 16:56:25 GMT; path=/; secure; SameSite=None
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 527990fec8f0d810237e86bcb282aa4e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

fpyf8.com/88/tag.min.js

139.45.196.64

200 OK

112 kB

URL GET
fpyf8.com/88/tag.min.js
IP
139.45.196.64:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectfpyf8.com
Fingerprint49:E2:D0:D4:0A:09:E2:0E:F1:59:39:5D:44:55:DE:E9:3B:50:09:89
ValidityWed, 14 May 2025 11:46:22 GMT - Tue, 12 Aug 2025 11:46:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65494)
Size
112 kB (111453 bytes)
Hash
52e0ab26c84d4707fb47ff7c0ab6c104
d573a862cbecdb9b3d68a48e13272a33743513f1
2132f896fbd6a76150763b8746b55e8745c5bcdfc50478139d7b0a4d8aaab0ef

HTTP Headers

GET /88/tag.min.js HTTP/1.1
Host: fpyf8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/javascript; charset=utf-8
content-length: 40974
content-encoding: br
x-trace-id: 0ec6925784bf935bb35401fd7f734d75
accept-ranges: bytes
last-modified: Fri, 06 Jun 2025 09:00:11 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

stouwhoafap.com/wrr?z=6712287&p_rid=aa71cc6c-a1bd-4380-8785-903c0068d7b2&rb=RqDpI7KUdKMgcCqnL82G18bZV6lP4Qj2dCaRp1nmeRnJkJumcTKwG5ShcBgoLtUu0aFCq5jfbHtHB59z_GK7lNEQoviIJs9tjeAXRmGcr2zsJVEwMgX2KwMAj5qC0dO-wNZZap_-fjr840GYdBW_KUVUyrF4bDPUDxT5u4UUWuegArqovm3XQAVDuM5fjCeZQR1WK9bMkREKFrcmRx_qMESz3m7izc3Kjb1ieJd0UaDqzjPX924GUJw5QkkK9xmlskMCG25ZO5Dttc6FME0V0-ra8X34kx5XNN69-ZPHsTMSw7VD&dmn=&userId=0081e15845a4400be196798785c7a553

139.45.196.63

204 No Content

0 B

URL OPTIONS
stouwhoafap.com/wrr?z=6712287&p_rid=aa71cc6c-a1bd-4380-8785-903c0068d7b2&rb=RqDpI7KUdKMgcCqnL82G18bZV6lP4Qj2dCaRp1nmeRnJkJumcTKwG5ShcBgoLtUu0aFCq5jfbHtHB59z_GK7lNEQoviIJs9tjeAXRmGcr2zsJVEwMgX2KwMAj5qC0dO-wNZZap_-fjr840GYdBW_KUVUyrF4bDPUDxT5u4UUWuegArqovm3XQAVDuM5fjCeZQR1WK9bMkREKFrcmRx_qMESz3m7izc3Kjb1ieJd0UaDqzjPX924GUJw5QkkK9xmlskMCG25ZO5Dttc6FME0V0-ra8X34kx5XNN69-ZPHsTMSw7VD&dmn=&userId=0081e15845a4400be196798785c7a553
IP
139.45.196.63:443
ASN
#9002 RETN Limited

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerLet's Encrypt
Subjectstouwhoafap.com
FingerprintEA:33:C8:F8:8D:16:53:AD:A2:91:CA:CF:DA:DF:C5:CC:DA:17:44:16
ValiditySat, 07 Jun 2025 00:08:14 GMT - Fri, 05 Sep 2025 00:08:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /wrr?z=6712287&p_rid=aa71cc6c-a1bd-4380-8785-903c0068d7b2&rb=RqDpI7KUdKMgcCqnL82G18bZV6lP4Qj2dCaRp1nmeRnJkJumcTKwG5ShcBgoLtUu0aFCq5jfbHtHB59z_GK7lNEQoviIJs9tjeAXRmGcr2zsJVEwMgX2KwMAj5qC0dO-wNZZap_-fjr840GYdBW_KUVUyrF4bDPUDxT5u4UUWuegArqovm3XQAVDuM5fjCeZQR1WK9bMkREKFrcmRx_qMESz3m7izc3Kjb1ieJd0UaDqzjPX924GUJw5QkkK9xmlskMCG25ZO5Dttc6FME0V0-ra8X34kx5XNN69-ZPHsTMSw7VD&dmn=&userId=0081e15845a4400be196798785c7a553 HTTP/1.1
Host: stouwhoafap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sportstreamslife.shop/
Origin: https://sportstreamslife.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://sportstreamslife.shop
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

4.adsco.re:2087/

162.252.214.5

200 OK

45 B

URL GET
4.adsco.re:2087/
IP
162.252.214.5:2087
ASN
#53334 TUT-AS

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 07 Jun 2025 16:55:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://sportsloverss.online
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip

my.rtmark.net/gid.js?userId=0081e166111541efe392e71ecd59768e

104.18.41.22

200 OK

65 B

URL GET
my.rtmark.net/gid.js?userId=0081e166111541efe392e71ecd59768e
IP
104.18.41.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82
ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
e5cc798bf385f4115d39348ed3f39623
af01eb81e6b631fdd9e10578ab38fe5480332fb1
4e0bea30efd657fac4da701b971134d93ab8c0313e3eb2d216ced366f5e02600

HTTP Headers

GET /gid.js?userId=0081e166111541efe392e71ecd59768e HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportstreamslife.shop
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Cookie: ID=0081e15845a4400be196798785c7a553
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sportstreamslife.shop
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0081e15845a4400be196798785c7a553; expires=Sun, 07 Jun 2026 16:55:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
priority: u=3,i=?0
server: cloudflare
cf-ray: 94c1ad53b90a56a4-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
ValidityMon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85380 bytes)
Hash
108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Jun 2025 16:55:23 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ad8fe8ca4578cb28d44f27411ac413ae
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=969

192.243.59.13

200 OK

0 B

URL GET
invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=969
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=969 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26716036=1; slec241229b746680fef8f280280d57d155e=[3078207]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:26 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

nannyirrationalacquainted.com/watch.234889704762.js?dev=e&key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&pst=1749315386&rb=&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&res=14.3095&rmtc=t&shu=be0c3c21fdcca57e99ac28b892be5600b79d8ad7419e7a3378f3467e9b22ffb007b5453a6f165e98302fce402a99c7667775c632d7770b4cc5832c71e41946ffcba5523ebbe85fdfb4f0e3a8a5f17d8f96139ad2398fef6c3e3193&tz=0&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1

192.243.61.227

200 OK

5.0 kB

URL GET
nannyirrationalacquainted.com/watch.234889704762.js?dev=e&key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&pst=1749315386&rb=&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&res=14.3095&rmtc=t&shu=be0c3c21fdcca57e99ac28b892be5600b79d8ad7419e7a3378f3467e9b22ffb007b5453a6f165e98302fce402a99c7667775c632d7770b4cc5832c71e41946ffcba5523ebbe85fdfb4f0e3a8a5f17d8f96139ad2398fef6c3e3193&tz=0&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectnannyirrationalacquainted.com
Fingerprint02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
ValiditySun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT

File type
JavaScript source, ASCII text, with very long lines (4114)
Size
5.0 kB (4990 bytes)
Hash
4dd252191e7b7ede1dc8595d4934166b
df57879ebf73a2afbe7748fb8361f0088001158b
da3a2fb857338a2aa7c56a90b93b6111073aa17ef41a58d10b8205c537f464c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.234889704762.js?dev=e&key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&pst=1749315386&rb=&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&res=14.3095&rmtc=t&shu=be0c3c21fdcca57e99ac28b892be5600b79d8ad7419e7a3378f3467e9b22ffb007b5453a6f165e98302fce402a99c7667775c632d7770b4cc5832c71e41946ffcba5523ebbe85fdfb4f0e3a8a5f17d8f96139ad2398fef6c3e3193&tz=0&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
Referer: https://sportsloverss.online/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNjcxNjAzOCwiayI6ImY1OTFkYjYzNGQyNGU3NWI5ZDhhYzEzNTEzM2NhNjU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0OTc5ODE0LCJwaWQiOjI3MzI3NzYsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6MjMsInB0Ijo0LCJwayI6InFlejZ0ZWE5YnkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3BvcnRzbG92ZXJzcy5vbmxpbmUvP3A9NzQ5IiwiYXIiOltdfX0.zY-y2LBrPmXd5JXmCMSKqbOJ7NFSA0i-2TTXroepZMY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Jun 2025 16:55:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sportsloverss.online
Access-Control-Allow-Origin: https://sportsloverss.online
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3b2579d3-8349-402a-bf12-8951952eba03:2:1; expires=Sat, 14 Jun 2025 16:55:26 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 08 Jun 2025 16:55:26 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 08 Jun 2025 16:55:26 GMT; path=/; secure; SameSite=None
pdhtkv23=true; expires=Sun, 08 Jun 2025 16:55:26 GMT; path=/; secure; SameSite=None
uncs23=1; expires=Sun, 08 Jun 2025 16:55:26 GMT; path=/; secure; SameSite=None
u_pl26716038=1; expires=Sun, 08 Jun 2025 16:55:26 GMT; path=/; secure; SameSite=None
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d7a26b5b2ffdea05083a064120e38e1a
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

bobapsoabauns.com/www/images/3303c3ec46f8b840a87559e75824b84b.jpg

104.21.73.203

200 OK

9.3 kB

URL GET
bobapsoabauns.com/www/images/3303c3ec46f8b840a87559e75824b84b.jpg
IP
104.21.73.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectbobapsoabauns.com
Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9
ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
9.3 kB (9292 bytes)
Hash
3303c3ec46f8b840a87559e75824b84b
dca17ecb9395b5e83d50ba8c140af48d0b5a76ae
a680f7fe40d758da9e24159585e9d43a5080c8130fcf8349fae977243b6a0987

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /www/images/3303c3ec46f8b840a87559e75824b84b.jpg HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 16:55:29 GMT
content-type: image/jpeg
content-length: 9292
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6cTT6TvV2f2HEVRz0AmNA8%2FiIcSCaOWa0oTt1a0AULV3nVFeAwL2Wszt%2Fr9nzA5Heo9b9NqAd1%2FCHAD57ltUS2oKoYSvg%2FTZiw3N9wAV3BlDDKOJZBFMI1C93%2BAbhmAcIpKXcw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 27 Feb 2025 04:01:53 GMT
etag: "67bfe3b1-244c"
expires: Sun, 08 Jun 2025 06:19:00 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 38188
cf-cache-status: HIT
cf-ray: 94c1ad6a0d5056c7-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4333&min_rtt=982&rtt_var=2608&sent=70&recv=92&lost=0&retrans=0&sent_bytes=6873&recv_bytes=5564&delivery_rate=497991&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=68799892b480b15e&ts=1235&inflight_dur=35&x=80"

roagrofoogrobo.com/500/9407005?excludes=23316440&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.107

200 OK

0 B

URL OPTIONS
roagrofoogrobo.com/500/9407005?excludes=23316440&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectroagrofoogrobo.com
FingerprintC7:CB:1C:71:86:21:01:54:9C:53:21:D6:A5:5E:65:12:E9:E8:E6:6B
ValidityTue, 13 May 2025 05:45:01 GMT - Mon, 11 Aug 2025 05:45:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/9407005?excludes=23316440&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: roagrofoogrobo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:29 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://sportsloverss.online
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

sportsloverss.online/wp-content/themes/newspaperly/js/script.js?ver=20160720

104.21.80.1

200 OK

3.9 kB

URL GET
sportsloverss.online/wp-content/themes/newspaperly/js/script.js?ver=20160720
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
3.9 kB (3858 bytes)
Hash
61caf6e2f693a88ed96e1b413b90bb41
804f26a285cbf49c2aab613ddd5ed1c3889f9c20
affd9edd5dc26a271a81e36bade23368d81e7c628a7bb39901ec92376d296705

HTTP Headers

GET /wp-content/themes/newspaperly/js/script.js?ver=20160720 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/javascript
server: cloudflare
last-modified: Tue, 27 May 2025 08:29:56 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=I%2BPlRgsI8Rse4rM0qdCS12%2FUOrqt3px2XE4VjvnTcpYm%2FF%2Fl69SUDFMB0CcmTYqKWWrGgMuoq4%2BTD5G%2B6ABz98g5Gd6J2FCF7rryZK6z%2BbHR6g%3D%3D"}]}
age: 6357
cache-control: max-age=14400
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
content-encoding: br
cf-ray: 94c1ad39696c56c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sportsloverss.online/wp-includes/js/comment-reply.min.js?ver=6.8.1

104.21.80.1

200 OK

3.0 kB

URL GET
sportsloverss.online/wp-includes/js/comment-reply.min.js?ver=6.8.1
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
ASCII text, with very long lines (2991)
Size
3.0 kB (3026 bytes)
Hash
e4a49df71f8b98c1d9f9d8fce74d89e8
b95fcda0c8c26305ad94e80343d0cfca8a048a10
9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=6.8.1 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/javascript
server: cloudflare
last-modified: Thu, 06 Feb 2025 17:27:26 GMT
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1C29Muqm9zjlus%2BowLzqs3PRc9%2BGkMtJ9H5UPUVWrTCf5Dn91EZHiQTfOj6WsarpZklVxik7iVNLI8TBYnM6fWAkKeKSP04Jk04v3qEpyt8OVQ%3D%3D"}]}
age: 6358
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94c1ad39797356c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

youradexchange.com/script/interstitial.php?r=9830542&srs=ab32a3fa87b6c640773829169452c1a6&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fsportsloverss.online%2F&atv=62.1&cbref=&pblcz=6707202&abtg=1&adbv=3-cdn-js

104.18.25.98

200 OK

2.2 kB

URL GET
youradexchange.com/script/interstitial.php?r=9830542&srs=ab32a3fa87b6c640773829169452c1a6&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fsportsloverss.online%2F&atv=62.1&cbref=&pblcz=6707202&abtg=1&adbv=3-cdn-js
IP
104.18.25.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint5D:6F:35:ED:36:A9:D9:F7:69:BE:71:FD:6E:3A:C4:28:3D:88:9D:58
ValiditySun, 01 Jun 2025 20:52:12 GMT - Sat, 30 Aug 2025 21:51:56 GMT

File type
JSON text data
Size
2.2 kB (2196 bytes)
Hash
7e4406ca080c8c0001e36abce66dad91
63e0a829e14a7d6a1fa7c97b3fcf5f230f83b26a
815a0dbea72dfb1e23ccbbce15733c4d8553154cf47dad834d95c11a52da87e4

HTTP Headers

GET /script/interstitial.php?r=9830542&srs=ab32a3fa87b6c640773829169452c1a6&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fsportsloverss.online%2F&atv=62.1&cbref=&pblcz=6707202&abtg=1&adbv=3-cdn-js HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportstreamslife.shop/
Origin: https://sportstreamslife.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 94c1ad4b2e3f56b4-OSL
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

151.101.1.229

200 OK

525 kB

URL GET
cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://allupplay.xyz/premiumtv/daddylive.php?id=55
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
525 kB (525081 bytes)
Hash
f55c6c796275a41ce7d97bd160e648ff
936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

HTTP Headers

GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allupplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: br
accept-ranges: bytes
date: Sat, 07 Jun 2025 16:55:24 GMT
age: 24823
x-served-by: cache-fra-etou8220029-FRA, cache-hel1410021-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 145133
X-Firefox-Spdy: h2

invadedisheartentrail.com/ren.gif?sid=H4sIAAAAAAAC_1RSTYgcRRSu3gQ8BCL-YEAR-mhAJj09PbMz5hCM6-qSuFmTyB48VXdVz5ZT3dVW9c_snBZXJMfxpMfab3azGIMY76LMepEFIeNpD9mLF4-CKB5ykJkdGXzQ7-_rB9_7Xn22V5ySAAU92XhPDYSU9Eqz5rmvbYqUqcq463fdulfzrrqbIm0FV93-1OnyjXojqHmX3Xd41FNXfK_ueXWv7q4KzWPVvzJDIbKHnXqt49UCv1ZvBujr_9emcGCoA1aekuch2OTZ3-IPIaIx0uTbFW56ucpefzspJM2VRskOP0h7qapSJIs01g7i9HD-N5SZEPLlElR6ON8AqtyfboBQTMjSS08QpodzmgjLgzOmoQRPEbILqMoxuBxD0DEitQvBHhMgYli_hTS5v650RbfPUDpFJ-T8339CVBNy_smLSJNvrkvRd-8oWeRCpQb92EL0xxDdMbLiCPlgCaI6QpR_AsF-Id6lC0iTB--qUvTckuseBLMzDUQ8huRDUOOgmH7CQRE7KDIHCTtxA68dRHXaaMUdFi17AQ0CxkOv0_Y9j3aiZRTRlOAQeTZEJIeI9A4yvYOeGEIXP8JsWRjmwOQT4ry_g5JZVJygMgQVJagEQZUTVKU9YNL4xt5n0hRhfR79eWzYkcq7e_RA5V2eElA9hGZ2X2Qfm11E-bnRIDZspKaOhrkd0ZDZveyUPDfVz_ni8FP0-InrB3Xf74TLQavV9mIet2O_7fltjzWXWb3Z5DDCQpilmSADMSE3nsbIxIRc_u53hPQIRh4hEi-AFq-CVhZ0y2KQPjKZ0rmRquTamFqkEjBlkeXnkW87e_KUvDI7Y-2fa-DRMZkbIm2RaYuPxE8EXXlvdFtVZP-2qgx5dCvLRSIGdHriOznNufPgBt-ulGZrK2b41ZvRFJimD-9yk9-kKRNp15CvrwvGuF5VOuLk-zWzycONwmxdL3RaZDc33lpdSzLNjREqHYOKxxcvIhIT8szPf80e76XTlyH0GLqwSIoFU6GOEGU7MNmiZxSBlos6zBxUhR1pP1w0pSCQfFHT0MLw4x_--G9okY80nU5TYffMPXS1A5rvIk0sSm1RSgsqhzDFuVGe6eNrvzZmhlA6o1BqZz-UWn5-JrIRJ27TDxutdrvF4xaLG6zhN1in6fFOQDutoBM0kZvJ1kr69N8AAAD__x2QpO2eBAAA

192.243.59.13

200 OK

0 B

URL GET
invadedisheartentrail.com/ren.gif?sid=H4sIAAAAAAAC_1RSTYgcRRSu3gQ8BCL-YEAR-mhAJj09PbMz5hCM6-qSuFmTyB48VXdVz5ZT3dVW9c_snBZXJMfxpMfab3azGIMY76LMepEFIeNpD9mLF4-CKB5ykJkdGXzQ7-_rB9_7Xn22V5ySAAU92XhPDYSU9Eqz5rmvbYqUqcq463fdulfzrrqbIm0FV93-1OnyjXojqHmX3Xd41FNXfK_ueXWv7q4KzWPVvzJDIbKHnXqt49UCv1ZvBujr_9emcGCoA1aekuch2OTZ3-IPIaIx0uTbFW56ucpefzspJM2VRskOP0h7qapSJIs01g7i9HD-N5SZEPLlElR6ON8AqtyfboBQTMjSS08QpodzmgjLgzOmoQRPEbILqMoxuBxD0DEitQvBHhMgYli_hTS5v650RbfPUDpFJ-T8339CVBNy_smLSJNvrkvRd-8oWeRCpQb92EL0xxDdMbLiCPlgCaI6QpR_AsF-Id6lC0iTB--qUvTckuseBLMzDUQ8huRDUOOgmH7CQRE7KDIHCTtxA68dRHXaaMUdFi17AQ0CxkOv0_Y9j3aiZRTRlOAQeTZEJIeI9A4yvYOeGEIXP8JsWRjmwOQT4ry_g5JZVJygMgQVJagEQZUTVKU9YNL4xt5n0hRhfR79eWzYkcq7e_RA5V2eElA9hGZ2X2Qfm11E-bnRIDZspKaOhrkd0ZDZveyUPDfVz_ni8FP0-InrB3Xf74TLQavV9mIet2O_7fltjzWXWb3Z5DDCQpilmSADMSE3nsbIxIRc_u53hPQIRh4hEi-AFq-CVhZ0y2KQPjKZ0rmRquTamFqkEjBlkeXnkW87e_KUvDI7Y-2fa-DRMZkbIm2RaYuPxE8EXXlvdFtVZP-2qgx5dCvLRSIGdHriOznNufPgBt-ulGZrK2b41ZvRFJimD-9yk9-kKRNp15CvrwvGuF5VOuLk-zWzycONwmxdL3RaZDc33lpdSzLNjREqHYOKxxcvIhIT8szPf80e76XTlyH0GLqwSIoFU6GOEGU7MNmiZxSBlos6zBxUhR1pP1w0pSCQfFHT0MLw4x_--G9okY80nU5TYffMPXS1A5rvIk0sSm1RSgsqhzDFuVGe6eNrvzZmhlA6o1BqZz-UWn5-JrIRJ27TDxutdrvF4xaLG6zhN1in6fFOQDutoBM0kZvJ1kr69N8AAAD__x2QpO2eBAAA
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC_1RSTYgcRRSu3gQ8BCL-YEAR-mhAJj09PbMz5hCM6-qSuFmTyB48VXdVz5ZT3dVW9c_snBZXJMfxpMfab3azGIMY76LMepEFIeNpD9mLF4-CKB5ykJkdGXzQ7-_rB9_7Xn22V5ySAAU92XhPDYSU9Eqz5rmvbYqUqcq463fdulfzrrqbIm0FV93-1OnyjXojqHmX3Xd41FNXfK_ueXWv7q4KzWPVvzJDIbKHnXqt49UCv1ZvBujr_9emcGCoA1aekuch2OTZ3-IPIaIx0uTbFW56ucpefzspJM2VRskOP0h7qapSJIs01g7i9HD-N5SZEPLlElR6ON8AqtyfboBQTMjSS08QpodzmgjLgzOmoQRPEbILqMoxuBxD0DEitQvBHhMgYli_hTS5v650RbfPUDpFJ-T8339CVBNy_smLSJNvrkvRd-8oWeRCpQb92EL0xxDdMbLiCPlgCaI6QpR_AsF-Id6lC0iTB--qUvTckuseBLMzDUQ8huRDUOOgmH7CQRE7KDIHCTtxA68dRHXaaMUdFi17AQ0CxkOv0_Y9j3aiZRTRlOAQeTZEJIeI9A4yvYOeGEIXP8JsWRjmwOQT4ry_g5JZVJygMgQVJagEQZUTVKU9YNL4xt5n0hRhfR79eWzYkcq7e_RA5V2eElA9hGZ2X2Qfm11E-bnRIDZspKaOhrkd0ZDZveyUPDfVz_ni8FP0-InrB3Xf74TLQavV9mIet2O_7fltjzWXWb3Z5DDCQpilmSADMSE3nsbIxIRc_u53hPQIRh4hEi-AFq-CVhZ0y2KQPjKZ0rmRquTamFqkEjBlkeXnkW87e_KUvDI7Y-2fa-DRMZkbIm2RaYuPxE8EXXlvdFtVZP-2qgx5dCvLRSIGdHriOznNufPgBt-ulGZrK2b41ZvRFJimD-9yk9-kKRNp15CvrwvGuF5VOuLk-zWzycONwmxdL3RaZDc33lpdSzLNjREqHYOKxxcvIhIT8szPf80e76XTlyH0GLqwSIoFU6GOEGU7MNmiZxSBlos6zBxUhR1pP1w0pSCQfFHT0MLw4x_--G9okY80nU5TYffMPXS1A5rvIk0sSm1RSgsqhzDFuVGe6eNrvzZmhlA6o1BqZz-UWn5-JrIRJ27TDxutdrvF4xaLG6zhN1in6fFOQDutoBM0kZvJ1kr69N8AAAD__x2QpO2eBAAA HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26716036=1; slec241229b746680fef8f280280d57d155e=[3078207]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:25 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: b7a31006d3f998a4e752ddddd222b3b7
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

bobapsoabauns.com/www/images/3303c3ec46f8b840a87559e75824b84b.jpg

104.21.73.203

200 OK

9.3 kB

URL GET
bobapsoabauns.com/www/images/3303c3ec46f8b840a87559e75824b84b.jpg
IP
104.21.73.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectbobapsoabauns.com
Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9
ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
9.3 kB (9292 bytes)
Hash
3303c3ec46f8b840a87559e75824b84b
dca17ecb9395b5e83d50ba8c140af48d0b5a76ae
a680f7fe40d758da9e24159585e9d43a5080c8130fcf8349fae977243b6a0987

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /www/images/3303c3ec46f8b840a87559e75824b84b.jpg HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:28 GMT
content-type: image/jpeg
content-length: 9292
server: cloudflare
last-modified: Thu, 27 Feb 2025 04:01:53 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "67bfe3b1-244c"
expires: Sun, 08 Jun 2025 06:19:00 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 38187
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BEhvEXVVIAR4CUXjSNfX04c2tlL4OyigRbGJdbh8BKdv7EXoV1NB6cOD7XeJD6bD8blrR3G4xkdAyXG5SQenv%2BstSdQfoYLePjl8MDGGWw%3D%3D"}]}
cf-ray: 94c1ad620dda5688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sportsloverss.online/wp-content/themes/newspaperly/js/accessibility.js?ver=20160720

104.21.80.1

200 OK

1.2 kB

URL GET
sportsloverss.online/wp-content/themes/newspaperly/js/accessibility.js?ver=20160720
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
JavaScript source, ASCII text
Size
1.2 kB (1227 bytes)
Hash
939a91c88e6489b5280aef04d84f7316
dd2ef96b41e865ae0637a3506904c07a0826a871
3607065629dc85c928677d972f541e82f7da6aa6d645f3e8e90fd1f1dfaa53b8

HTTP Headers

GET /wp-content/themes/newspaperly/js/accessibility.js?ver=20160720 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/javascript
server: cloudflare
last-modified: Tue, 27 May 2025 08:29:56 GMT
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ku0KdR19NoAn0oYOPVou6RxgQKtY29DGjz1w2ocvSPi13T%2F1dnycdAul1N9kcS%2FKQHptBqEfdFr2daJIYWFN8Bv29iAWw4RL62F5dNhR8kJgTQ%3D%3D"}]}
age: 6358
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94c1ad39797056c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

grookilteepsou.net/event

139.45.197.122

200 OK

0 B

URL OPTIONS
grookilteepsou.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

139.45.197.107

200 OK

1.8 kB

URL GET
roagrofoogrobo.com/500/9407005?excludes=23316440&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectroagrofoogrobo.com
FingerprintC7:CB:1C:71:86:21:01:54:9C:53:21:D6:A5:5E:65:12:E9:E8:E6:6B
ValidityTue, 13 May 2025 05:45:01 GMT - Mon, 11 Aug 2025 05:45:00 GMT

File type
JSON text data
Size
1.8 kB (1790 bytes)
Hash
c851e7e86442816cb68b455fa809c267
79602993d8bddec40af677147e99d45546fe66e3
bafb5afcf5e86cae05ccb4d8730aa70faf6ce5bfc96e425e43d2674a37df8c58

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/9407005?excludes=23316440&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: roagrofoogrobo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: OAID=0081e15845a4400be196798785c7a553
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:29 GMT
content-type: application/javascript
x-trace-id: 6e6df6a1815741e37a4dd840ae78fa4f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://sportsloverss.online
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0081e15845a4400be196798785c7a553; expires=Sun, 07 Jun 2026 16:55:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/merriweather/v32/u-4e0qyriQwlOrhSvowK_l5UcA6zuSYEqOzpPe3HOZJ5eX1WtLaQwmYiSeqqJ-mXrVGjziE.woff2

142.250.74.35

200 OK

98 kB

URL GET
fonts.gstatic.com/s/merriweather/v32/u-4e0qyriQwlOrhSvowK_l5UcA6zuSYEqOzpPe3HOZJ5eX1WtLaQwmYiSeqqJ-mXrVGjziE.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 97776, version 1.0
Size
98 kB (97776 bytes)
Hash
e6c9a38367c7a204d3cc630e657c5f98
f04e08b1d0f67f8a0e91a0695317caa49af1ab66
a851aa2bdd01adc4d11d1982670db59caf5dd13efb42d58e83191e61b532aaa8

HTTP Headers

GET /s/merriweather/v32/u-4e0qyriQwlOrhSvowK_l5UcA6zuSYEqOzpPe3HOZJ5eX1WtLaQwmYiSeqqJ-mXrVGjziE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 97776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jun 2025 17:22:02 GMT
expires: Tue, 02 Jun 2026 17:22:02 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 19:26:07 GMT
content-type: font/woff2
age: 430400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=0081e15845a4400be196798785c7a553

104.18.41.22

200 OK

65 B

URL GET
my.rtmark.net/gid.js?userId=0081e15845a4400be196798785c7a553
IP
104.18.41.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82
ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
e5cc798bf385f4115d39348ed3f39623
af01eb81e6b631fdd9e10578ab38fe5480332fb1
4e0bea30efd657fac4da701b971134d93ab8c0313e3eb2d216ced366f5e02600

HTTP Headers

GET /gid.js?userId=0081e15845a4400be196798785c7a553 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:22 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sportsloverss.online
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0081e15845a4400be196798785c7a553; expires=Sun, 07 Jun 2026 16:55:22 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 94c1ad3cf85d0b06-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
ValidityMon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85380 bytes)
Hash
108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Jun 2025 16:55:22 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c7a493a3abda572cbfe323d029e0ab4d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

ocartoukseeli.net/tag.min.js

0.0.0.0

0 B

URL GET
ocartoukseeli.net/tag.min.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://sportstreamslife.shop/player/stream-55.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: ocartoukseeli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

experttrafficcounter.com/stats

52.58.57.192

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.58.57.192:443
ASN
#16509 AMAZON-02

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a84401bc2d39b5af3d3da3f85f22d15d
ced66181b44142fd24e487f4cc10e24d4eee9437
4856848eb6bb408eca922134bcf46ed63d6d6837d77edc93e5e4f2db5484fa4a

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportstreamslife.shop
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Cookie: uid_id2=3b2579d3-8349-402a-bf12-8951952eba03:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sportstreamslife.shop
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

139.45.196.63

204 No Content

0 B

URL POST
stouwhoafap.com/wrr?z=6712287&p_rid=aa71cc6c-a1bd-4380-8785-903c0068d7b2&rb=RqDpI7KUdKMgcCqnL82G18bZV6lP4Qj2dCaRp1nmeRnJkJumcTKwG5ShcBgoLtUu0aFCq5jfbHtHB59z_GK7lNEQoviIJs9tjeAXRmGcr2zsJVEwMgX2KwMAj5qC0dO-wNZZap_-fjr840GYdBW_KUVUyrF4bDPUDxT5u4UUWuegArqovm3XQAVDuM5fjCeZQR1WK9bMkREKFrcmRx_qMESz3m7izc3Kjb1ieJd0UaDqzjPX924GUJw5QkkK9xmlskMCG25ZO5Dttc6FME0V0-ra8X34kx5XNN69-ZPHsTMSw7VD&dmn=&userId=0081e15845a4400be196798785c7a553
IP
139.45.196.63:443
ASN
#9002 RETN Limited

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerLet's Encrypt
Subjectstouwhoafap.com
FingerprintEA:33:C8:F8:8D:16:53:AD:A2:91:CA:CF:DA:DF:C5:CC:DA:17:44:16
ValiditySat, 07 Jun 2025 00:08:14 GMT - Fri, 05 Sep 2025 00:08:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /wrr?z=6712287&p_rid=aa71cc6c-a1bd-4380-8785-903c0068d7b2&rb=RqDpI7KUdKMgcCqnL82G18bZV6lP4Qj2dCaRp1nmeRnJkJumcTKwG5ShcBgoLtUu0aFCq5jfbHtHB59z_GK7lNEQoviIJs9tjeAXRmGcr2zsJVEwMgX2KwMAj5qC0dO-wNZZap_-fjr840GYdBW_KUVUyrF4bDPUDxT5u4UUWuegArqovm3XQAVDuM5fjCeZQR1WK9bMkREKFrcmRx_qMESz3m7izc3Kjb1ieJd0UaDqzjPX924GUJw5QkkK9xmlskMCG25ZO5Dttc6FME0V0-ra8X34kx5XNN69-ZPHsTMSw7VD&dmn=&userId=0081e15845a4400be196798785c7a553 HTTP/1.1
Host: stouwhoafap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportstreamslife.shop/
content-type: application/json
Content-Length: 2703
Origin: https://sportstreamslife.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://sportstreamslife.shop
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

roagrofoogrobo.com/500/9407005?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.107

200 OK

1.8 kB

URL GET
roagrofoogrobo.com/500/9407005?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectroagrofoogrobo.com
FingerprintC7:CB:1C:71:86:21:01:54:9C:53:21:D6:A5:5E:65:12:E9:E8:E6:6B
ValidityTue, 13 May 2025 05:45:01 GMT - Mon, 11 Aug 2025 05:45:00 GMT

File type
JSON text data
Size
1.8 kB (1836 bytes)
Hash
255d9a36f09a8d8b3bfd3b23707cdbff
c56a7ad80cf8ea7e3bae7d6dfeb6cb73ce20814d
fd583aa2b2b99b2423971cc2b2443f5c7a2f46f93f6b1afbb287279a49a8c563

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/9407005?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: roagrofoogrobo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: OAID=0301e14b8a36486de2dc192c75b74a56
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:27 GMT
content-type: application/javascript
x-trace-id: 94193852626f3757ed86a0c578d9e461
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://sportsloverss.online
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0081e15845a4400be196798785c7a553; expires=Sun, 07 Jun 2026 16:55:27 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

sportsloverss.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

104.21.80.1

200 OK

88 kB

URL GET
sportsloverss.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/javascript
server: cloudflare
last-modified: Mon, 28 Aug 2023 17:14:24 GMT
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=k7b4JCGIJapai0%2FC%2BsmZzgUPKGxy%2FA9GEXG9NHOhIsLNoE41X0dBY8dS2FERGH89aBMwAPs41SppG1cPnj%2Fox8muovDggm7IyPqTMSXjMUDiyw%3D%3D"}]}
age: 6358
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94c1ad39695c56c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=3b2579d3-8349-402a-bf12-8951952eba03&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=354ffbf35c2f9475466de6172547223c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16

192.243.59.13

200 OK

0 B

URL GET
unseenreport.com/pxf.gif?uuid=3b2579d3-8349-402a-bf12-8951952eba03&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=354ffbf35c2f9475466de6172547223c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint70:62:DC:6C:0A:F4:AA:56:4E:74:DC:EF:DA:CC:60:5A:C4:34:CE:F2
ValiditySat, 17 May 2025 22:34:21 GMT - Fri, 15 Aug 2025 22:34:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=3b2579d3-8349-402a-bf12-8951952eba03&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=354ffbf35c2f9475466de6172547223c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:29 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: accf399b5d87cf9041e9b60254d3a323
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

grookilteepsou.net/event

139.45.197.122

200 OK

0 B

URL OPTIONS
grookilteepsou.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

wearychallengeraise.com/pixel/pure

192.243.59.13

204 No Content

0 B

URL OPTIONS
wearychallengeraise.com/pixel/pure
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectwearychallengeraise.com
Fingerprint59:0D:D9:8E:52:01:C0:D1:1E:83:C9:8F:D9:E2:AA:FF:AF:B7:B8:51
ValiditySun, 20 Apr 2025 03:17:43 GMT - Sat, 19 Jul 2025 03:17:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /pixel/pure HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:26 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css

188.114.97.1

200 OK

3.7 kB

URL GET
cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
ASCII text
Size
3.7 kB (3664 bytes)
Hash
da91945ede579f34a99cde40a98ce5a4
cfbf9b6c295766437a906f7fd6f46a0302240c9a
9b9d07bcd50263ebd848d3f60889a594727d925ee4488df503eac791023d57b1

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"65aa8566-e50"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 14161
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Dx41wppSPZoFMRiHJ9aTwIggLgYsjLYmmxor4yUYfjpm8ScLntu%2B%2FyiaWlw88Okz46KGeKqm%2Bh0WfxuKFBRoKVMUbm4TjaRPc%2BG413%2F2gglWppGn"}]}
cf-ray: 94c1ad58ffa556b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=159

192.243.59.13

200 OK

0 B

URL GET
invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=159
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=159 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26716036=1; slec241229b746680fef8f280280d57d155e=[3078207]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:27 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/merriweather/v32/u-4e0qyriQwlOrhSvowK_l5UcA6zuSYEqOzpPe3HOZJ5eX1WtLaQwmYiSeqqJ-mXrVGjziE.woff2

142.250.74.35

200 OK

98 kB

URL GET
fonts.gstatic.com/s/merriweather/v32/u-4e0qyriQwlOrhSvowK_l5UcA6zuSYEqOzpPe3HOZJ5eX1WtLaQwmYiSeqqJ-mXrVGjziE.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 97776, version 1.0
Size
98 kB (97776 bytes)
Hash
e6c9a38367c7a204d3cc630e657c5f98
f04e08b1d0f67f8a0e91a0695317caa49af1ab66
a851aa2bdd01adc4d11d1982670db59caf5dd13efb42d58e83191e61b532aaa8

HTTP Headers

GET /s/merriweather/v32/u-4e0qyriQwlOrhSvowK_l5UcA6zuSYEqOzpPe3HOZJ5eX1WtLaQwmYiSeqqJ-mXrVGjziE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 97776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jun 2025 17:22:02 GMT
expires: Tue, 02 Jun 2026 17:22:02 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 19:26:07 GMT
content-type: font/woff2
age: 430400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

172.67.193.52

200 OK

18 kB

URL GET
tzegilo.com/stattag.js
IP
172.67.193.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjecttzegilo.com
FingerprintBD:3B:17:0D:E4:BF:2D:A2:D2:DE:AD:AD:5B:4E:50:C8:BC:18:2A:3A
ValiditySat, 17 May 2025 12:47:13 GMT - Fri, 15 Aug 2025 13:41:30 GMT

File type
JavaScript source, ASCII text, with very long lines (17229)
Size
18 kB (17879 bytes)
Hash
01227f5edc20e0ff4ed643b27cb8bb68
d71a88f7341f2b1bdaa7deb9a66888607bd52598
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 11 Jul 2024 10:23:58 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=gfY%2BbWoqSoHD%2FilMFSBOoBAF4sNJ8U8XnELe3PWjbLluNIz3MHsofVPDyJiHV3jNrGvQXvwxlLq4aj7ep7SZMA9ow9tUQlt5kQ%3D%3D"}]}
age: 5498
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"668fb2be-45d7"
content-encoding: br
cf-ray: 94c1ad4a2ec9569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

t.dtscout.com/i/?l=https%3A%2F%2Fallupplay.xyz%2Fpremiumtv%2Fdaddylive.php%3Fid%3D55&j=https%3A%2F%2Fsportstreamslife.shop%2F

104.26.11.2

200 OK

2.1 kB

URL GET
t.dtscout.com/i/?l=https%3A%2F%2Fallupplay.xyz%2Fpremiumtv%2Fdaddylive.php%3Fid%3D55&j=https%3A%2F%2Fsportstreamslife.shop%2F
IP
104.26.11.2:443
ASN
#13335 CLOUDFLARENET

Requested by
https://allupplay.xyz/premiumtv/daddylive.php?id=55
Certificate
IssuerGoogle Trust Services
Subjectdtscout.com
Fingerprint11:3C:3D:5C:B0:6F:26:8A:49:75:78:AB:D4:5F:97:20:13:A2:96:DC
ValidityMon, 05 May 2025 03:38:34 GMT - Sun, 03 Aug 2025 04:38:30 GMT

File type
ASCII text, with very long lines (2077)
Size
2.1 kB (2079 bytes)
Hash
51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c

HTTP Headers

GET /i/?l=https%3A%2F%2Fallupplay.xyz%2Fpremiumtv%2Fdaddylive.php%3Fid%3D55&j=https%3A%2F%2Fsportstreamslife.shop%2F HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allupplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:25 GMT
content-type: application/javascript
content-encoding: br
x-s: mtl2
set-cookie: m=1; Domain=dtscout.com; Expires=Sat, 07-Jun-2025 18:18:45 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
df=1749315325; Domain=dtscout.com; Expires=Mon, 15-Sep-2025 16:55:25 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.245
expires: Sat, 07 Jun 2025 16:55:24 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=97GSFWK%2BrBXuvKeSVyqbIa%2BkJYrfXYmQmpnLpNkMIH2NTVVNgAqaIk8zeoHIWliGyx4wfHZE1hJOAJagiMr5gah3%2Bd1NCeT%2F%2BajfklDRiCGUIi1%2FrPeU5Edelw%2Bcrzk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94c1ad4e2a30b4ee-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=735&min_rtt=476&rtt_var=514&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3196&recv_bytes=1138&delivery_rate=7956043&cwnd=254&unsent_bytes=0&cid=8c9a95f95778782e&ts=281&x=0"
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css

188.114.97.1

200 OK

79 kB

URL GET
cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
ASCII text
Size
79 kB (78689 bytes)
Hash
3d4123dbfb33d27a5cfdfcfa91df6783
e7d0eeeec54b848f0bc3da8685fa3bc88429d660
cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"65aa8566-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 245116
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=00TvIrK8ikqyW%2B%2BXA93wPBbsqkmMap%2Fa%2BBdHOVi%2BAZ%2BpUcjTAu7y%2F6QVzbuRMaZSlWYLIdmxmls0aWK8YsVtQW0G7eEIl7Jh3s7kRTbaMLF54eYS"}]}
cf-ray: 94c1ad590fb556b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=6.8.1

142.250.74.10

200 OK

7.4 kB

URL GET
fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=6.8.1
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text
Size
7.4 kB (7392 bytes)
Hash
a67e2ab07fd474686c8cb87ce5ac1aa3
9218f902c8bdcc9c3d3b7cfefe17ea7b49232c49
a34a5ee9cece01321dbb6fb82f624e127af20407fd4ac3ddbebd52dce62c5c38

HTTP Headers

GET /css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=6.8.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 07 Jun 2025 16:55:21 GMT
date: Sat, 07 Jun 2025 16:55:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

awwyjxkcvjlntd.com/

139.45.197.156

200 OK

0 B

URL HEAD
awwyjxkcvjlntd.com/
IP
139.45.197.156:443
ASN
#9002 RETN Limited

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerLet's Encrypt
Subjectawwyjxkcvjlntd.com
Fingerprint02:EB:A2:44:11:B9:01:C8:3D:03:54:B8:BE:2F:5B:9A:E3:DD:9C:94
ValidityFri, 06 Jun 2025 11:02:59 GMT - Thu, 04 Sep 2025 11:02:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: awwyjxkcvjlntd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Origin: https://sportstreamslife.shop
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: text/html
x-t50r47a8c91e46-29i63d29: 00000000000000000000000000000000
vary: Accept-Encoding, Origin
access-control-allow-origin: https://sportstreamslife.shop
access-control-expose-headers: Link, X-Application-Token, X-Application-Key, X-Tag, X-Auth-Token, X-DirectionPartner-Id, X-ZoneType-Id, X-Hostname
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
x-application-key: e7bdguhw7wbDy29Vlckff7mejcw
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

experttrafficcounter.com/stats

52.58.57.192

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.58.57.192:443
ASN
#16509 AMAZON-02

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a84401bc2d39b5af3d3da3f85f22d15d
ced66181b44142fd24e487f4cc10e24d4eee9437
4856848eb6bb408eca922134bcf46ed63d6d6837d77edc93e5e4f2db5484fa4a

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: uid_id2=3b2579d3-8349-402a-bf12-8951952eba03:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:25 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sportsloverss.online
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

antiadblocksystems.com/qvxdrodikp?qMXhNAdT=BQOCAAAAAAAACZUAApOF_Bkgf2LNuyg9plwHnLGX_lPfmJxL3LqSZ943Y_accwpAC9mehnHxNylt6e6baBauORA9-5ROAmcnQxpaDWvAv-YyBEPDUruVkkOGbblVddLx0rnL-v4vr6zic11uUXIJBAqc74_k6LK9EUey3rMcTSWpAf11ymFx5i4KWJQ_SOl78ROHpts_YTKuH78f4Q3JsolzIFR0B-vhe62FOJtnYCF4SwSiXTRKqLYBH541uC3WavQHeYOyWeqqM3-stA5WDbjvDfcfG_ox0aTkT-qKYTywkETqyfx2P__tiJD3RJUTcen53fyTjE7pFb6XbSWmJ2Ka3t-BQUBtoOQ6ZjIU8YcHNwLvIZAfNpi97teLednGuZ7TZqYcZvNovq3IeJw0ELQ8EpBIic-pOXQOJfznGEE2kpdoBYoynzzTLdvfycehE64bWesWxyhedPXLgODh6qIN-kxUDrxfTzHwb7PKUqpeB5SWCnrpC_w3sjwymdnGq5ptNu9HtGIQr1luk5FPWVmFJimMQ73dRni0Lgbwx26OiPEuqF7qP351v3rGzoMR2qfXU_aIb1WYna1AkeuJPpXQdfrgWsN6EiGVX3QwjJEM44H4UhKacGyKF6p5BgrYl4VfhW_eKNchSZBq5UQJ4XYnRo2LawV430xMC0JVUa9MkA5Zq-Ns4j0R0qEBgHJFRbrxw1hczw9Xybi0x7qTt1DU6q1RscrfsKslfAAFqo8kp0-ZzRPIqGlkwftA1FwBknsmLEXllqGZibyd71VW5uQ1qITyJ1wc29zodJkHBs0M961e4RlekySklRV0ISXfGs97JM1e1WcmBSuK4ksERZZCfc1DnHCzZ9N6dfZ4g_VVM2Hjdz_HSGnSh7oXT8MwndanjyVlTCQCST0Uf4-zE_D0pgjaXKEgapAcwvQPqQ5TtzcHiZOw-qkOoBE51NZoOdan3GBReaXcadFf-0gjbzL6vSANSSb_vegcowCH2IJEbOi_kEeQmCm_1MHJtqQdNs8UGqEZXY4Y6tUfxRLk7kBQOQic1Ro5YjwqZf0Zlg-JCGZ_B6qUldpYstjV7VCG_V5o7N_XYm8yEyfCez7ZVrZgDPUWeNLEBCsmfFpXfed_kJKh-y-Z-6X1n71GKnsC0QyZ9KVHInAsBiThQE9pik5T6I6P7WMl-dd89sg38UtOnPxns4ry-7iGssLZ&ZuatvDox=4&jfsLeQqV=5204079&FXBQgcoq=&pqaPONMU=0,0&ozyBMOLb=&vKJDXMuk=&s=1280,1024,1,1280,1024,0

208.95.113.2

200 OK

44 B

URL GET
antiadblocksystems.com/qvxdrodikp?qMXhNAdT=BQOCAAAAAAAACZUAApOF_Bkgf2LNuyg9plwHnLGX_lPfmJxL3LqSZ943Y_accwpAC9mehnHxNylt6e6baBauORA9-5ROAmcnQxpaDWvAv-YyBEPDUruVkkOGbblVddLx0rnL-v4vr6zic11uUXIJBAqc74_k6LK9EUey3rMcTSWpAf11ymFx5i4KWJQ_SOl78ROHpts_YTKuH78f4Q3JsolzIFR0B-vhe62FOJtnYCF4SwSiXTRKqLYBH541uC3WavQHeYOyWeqqM3-stA5WDbjvDfcfG_ox0aTkT-qKYTywkETqyfx2P__tiJD3RJUTcen53fyTjE7pFb6XbSWmJ2Ka3t-BQUBtoOQ6ZjIU8YcHNwLvIZAfNpi97teLednGuZ7TZqYcZvNovq3IeJw0ELQ8EpBIic-pOXQOJfznGEE2kpdoBYoynzzTLdvfycehE64bWesWxyhedPXLgODh6qIN-kxUDrxfTzHwb7PKUqpeB5SWCnrpC_w3sjwymdnGq5ptNu9HtGIQr1luk5FPWVmFJimMQ73dRni0Lgbwx26OiPEuqF7qP351v3rGzoMR2qfXU_aIb1WYna1AkeuJPpXQdfrgWsN6EiGVX3QwjJEM44H4UhKacGyKF6p5BgrYl4VfhW_eKNchSZBq5UQJ4XYnRo2LawV430xMC0JVUa9MkA5Zq-Ns4j0R0qEBgHJFRbrxw1hczw9Xybi0x7qTt1DU6q1RscrfsKslfAAFqo8kp0-ZzRPIqGlkwftA1FwBknsmLEXllqGZibyd71VW5uQ1qITyJ1wc29zodJkHBs0M961e4RlekySklRV0ISXfGs97JM1e1WcmBSuK4ksERZZCfc1DnHCzZ9N6dfZ4g_VVM2Hjdz_HSGnSh7oXT8MwndanjyVlTCQCST0Uf4-zE_D0pgjaXKEgapAcwvQPqQ5TtzcHiZOw-qkOoBE51NZoOdan3GBReaXcadFf-0gjbzL6vSANSSb_vegcowCH2IJEbOi_kEeQmCm_1MHJtqQdNs8UGqEZXY4Y6tUfxRLk7kBQOQic1Ro5YjwqZf0Zlg-JCGZ_B6qUldpYstjV7VCG_V5o7N_XYm8yEyfCez7ZVrZgDPUWeNLEBCsmfFpXfed_kJKh-y-Z-6X1n71GKnsC0QyZ9KVHInAsBiThQE9pik5T6I6P7WMl-dd89sg38UtOnPxns4ry-7iGssLZ&ZuatvDox=4&jfsLeQqV=5204079&FXBQgcoq=&pqaPONMU=0,0&ozyBMOLb=&vKJDXMuk=&s=1280,1024,1,1280,1024,0
IP
208.95.113.2:443
ASN
#53334 TUT-AS

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerSectigo Limited
Subjectantiadblocksystems.com
FingerprintA9:8E:48:CC:23:E1:93:58:AA:30:C1:90:55:6E:18:17:C5:66:56:9A
ValidityFri, 04 Apr 2025 00:00:00 GMT - Tue, 05 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
44 B (44 bytes)
Hash
d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

HTTP Headers

GET /qvxdrodikp?qMXhNAdT=BQOCAAAAAAAACZUAApOF_Bkgf2LNuyg9plwHnLGX_lPfmJxL3LqSZ943Y_accwpAC9mehnHxNylt6e6baBauORA9-5ROAmcnQxpaDWvAv-YyBEPDUruVkkOGbblVddLx0rnL-v4vr6zic11uUXIJBAqc74_k6LK9EUey3rMcTSWpAf11ymFx5i4KWJQ_SOl78ROHpts_YTKuH78f4Q3JsolzIFR0B-vhe62FOJtnYCF4SwSiXTRKqLYBH541uC3WavQHeYOyWeqqM3-stA5WDbjvDfcfG_ox0aTkT-qKYTywkETqyfx2P__tiJD3RJUTcen53fyTjE7pFb6XbSWmJ2Ka3t-BQUBtoOQ6ZjIU8YcHNwLvIZAfNpi97teLednGuZ7TZqYcZvNovq3IeJw0ELQ8EpBIic-pOXQOJfznGEE2kpdoBYoynzzTLdvfycehE64bWesWxyhedPXLgODh6qIN-kxUDrxfTzHwb7PKUqpeB5SWCnrpC_w3sjwymdnGq5ptNu9HtGIQr1luk5FPWVmFJimMQ73dRni0Lgbwx26OiPEuqF7qP351v3rGzoMR2qfXU_aIb1WYna1AkeuJPpXQdfrgWsN6EiGVX3QwjJEM44H4UhKacGyKF6p5BgrYl4VfhW_eKNchSZBq5UQJ4XYnRo2LawV430xMC0JVUa9MkA5Zq-Ns4j0R0qEBgHJFRbrxw1hczw9Xybi0x7qTt1DU6q1RscrfsKslfAAFqo8kp0-ZzRPIqGlkwftA1FwBknsmLEXllqGZibyd71VW5uQ1qITyJ1wc29zodJkHBs0M961e4RlekySklRV0ISXfGs97JM1e1WcmBSuK4ksERZZCfc1DnHCzZ9N6dfZ4g_VVM2Hjdz_HSGnSh7oXT8MwndanjyVlTCQCST0Uf4-zE_D0pgjaXKEgapAcwvQPqQ5TtzcHiZOw-qkOoBE51NZoOdan3GBReaXcadFf-0gjbzL6vSANSSb_vegcowCH2IJEbOi_kEeQmCm_1MHJtqQdNs8UGqEZXY4Y6tUfxRLk7kBQOQic1Ro5YjwqZf0Zlg-JCGZ_B6qUldpYstjV7VCG_V5o7N_XYm8yEyfCez7ZVrZgDPUWeNLEBCsmfFpXfed_kJKh-y-Z-6X1n71GKnsC0QyZ9KVHInAsBiThQE9pik5T6I6P7WMl-dd89sg38UtOnPxns4ry-7iGssLZ&ZuatvDox=4&jfsLeQqV=5204079&FXBQgcoq=&pqaPONMU=0,0&ozyBMOLb=&vKJDXMuk=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: antiadblocksystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
popads-node: wb4
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sat, 07 Jun 2025 16:55:29 GMT
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg

188.114.97.1

200 OK

65 kB

URL GET
cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
Fingerprint0B:D7:09:43:6C:42:76:92:3B:8C:0E:15:43:A3:A3:AC:94:B2:C2:CB
ValiditySun, 13 Apr 2025 21:34:38 GMT - Sat, 12 Jul 2025 22:33:20 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=242, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=364], progressive, precision 8, 364x242, components 3
Size
65 kB (64642 bytes)
Hash
61f7b1fa1698507638df7882e2bdfcaf
89134af9a734f4c30d0db01ea36c86895e46b7e3
bc0a583f7e3c834e53d5263ecc90d279b27460ea2e9bce56b7ac6b129eb5849c

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 16:55:28 GMT
content-type: image/jpeg
content-length: 64642
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: "65aa8566-fc82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 270025
cf-cache-status: HIT
priority: u=4,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DTCB6DN2ufrAWE8bXoPpYf%2F5BRFoJmYM7bPsaRd6DhgACa4Ap%2FsyOgFwKTx7LxMZjJOb7gj2tA7igFCYMNWmUJwCFE%2B%2BNCBNkGJVYgIUcfHybeHO"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94c1ad654d3fb51e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

experttrafficcounter.com/stats

52.58.57.192

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.58.57.192:443
ASN
#16509 AMAZON-02

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a84401bc2d39b5af3d3da3f85f22d15d
ced66181b44142fd24e487f4cc10e24d4eee9437
4856848eb6bb408eca922134bcf46ed63d6d6837d77edc93e5e4f2db5484fa4a

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: uid_id2=3b2579d3-8349-402a-bf12-8951952eba03:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sportsloverss.online
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

upload.wikimedia.org/wikipedia/commons/2/21/Speaker_Icon.svg

185.15.59.240

200 OK

514 B

URL GET
upload.wikimedia.org/wikipedia/commons/2/21/Speaker_Icon.svg
IP
185.15.59.240:443
ASN
#14907 WIKIMEDIA

Requested by
https://allupplay.xyz/premiumtv/daddylive.php?id=55
Certificate
IssuerDigiCert Inc
Subject*.wikipedia.org
Fingerprint0B:3A:AB:D4:5E:55:A4:08:2B:F7:C1:DA:63:37:75:F1:EB:04:6E:A5
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
514 B (514 bytes)
Hash
1e965f9ca6bac55c4bfece8dabe6fa47
ea28e0f6d1a42bd7f2ab416bcf2a9fd0dde55fab
70e589ae4b79586ddd4eadd1ac8b501d64ab0433c2038c92e945fbb6195ad7a9

HTTP Headers

GET /wikipedia/commons/2/21/Speaker_Icon.svg HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allupplay.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 02:15:31 GMT
server: ATS/9.2.9
etag: W/1e965f9ca6bac55c4bfece8dabe6fa47
content-type: image/svg+xml
x-object-meta-sha1base36: rcosig5pk1fefnugtbiewl19zhtt86j
last-modified: Wed, 28 Aug 2019 18:11:18 GMT
content-encoding: gzip
age: 52792
accept-ranges: bytes
x-cache: cp3078 hit, cp3078 hit/12566
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3078"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
x-client-ip: 91.90.42.154
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
set-cookie: WMF-Uniq=44_ZXOsomXhoPo7zFfwA0gILAAAAAFvdhEpjFTTOHBPDjliQkkmK-YdmM5gffOY9;Domain=upload.wikimedia.org;Path=/;HttpOnly;secure;SameSite=None;Expires=Sun, 07 Jun 2026 00:00:00 GMT
content-length: 328
X-Firefox-Spdy: h2

stouwhoafap.com/

139.45.196.63

200 OK

113 kB

URL GET
stouwhoafap.com/
IP
139.45.196.63:443
ASN
#9002 RETN Limited

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerLet's Encrypt
Subjectstouwhoafap.com
FingerprintEA:33:C8:F8:8D:16:53:AD:A2:91:CA:CF:DA:DF:C5:CC:DA:17:44:16
ValiditySat, 07 Jun 2025 00:08:14 GMT - Fri, 05 Sep 2025 00:08:13 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
113 kB (112717 bytes)
Hash
aa7d5faf9ed7592f9ffb9187384f3484
2f4a76e568f60a1ec587cd20e0cd52ba9c7ea3b9
e4948d4ca0eb8ba3b90ec3e6bfbf2ce56628eb9895f7b0f2f837db7926d2dc58

HTTP Headers

GET / HTTP/1.1
Host: stouwhoafap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Favicon: 6712287
Origin: https://sportstreamslife.shop
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:25 GMT
content-type: application/javascript
x-trace-id: 45113bc9d1a65f64827e84a463221818
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://sportstreamslife.shop
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0081e166111541efe392e71ecd59768e; expires=Sun, 07 Jun 2026 16:55:25 GMT; path=/; secure; SameSite=None
oaidts=1749315325; expires=Sun, 07 Jun 2026 16:55:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

eehassoosostoa.com/500/9407006?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=eehassoosostoa.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.107

200 OK

0 B

URL OPTIONS
eehassoosostoa.com/500/9407006?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=eehassoosostoa.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjecteehassoosostoa.com
Fingerprint01:46:44:F3:28:40:0F:8C:B3:03:88:62:28:07:5D:E9:8D:B4:C1:5A
ValidityTue, 13 May 2025 05:48:38 GMT - Mon, 11 Aug 2025 05:48:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/9407006?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=eehassoosostoa.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: eehassoosostoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:35 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://sportsloverss.online
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

grookilteepsou.net/3bT/27mJf/universal.min.js?v=3.1.620

139.45.197.122

200 OK

68 kB

URL GET
grookilteepsou.net/3bT/27mJf/universal.min.js?v=3.1.620
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
68 kB (67689 bytes)
Hash
85b69b8381c37882a654001105a721c3
69a7b7da4bc0fa9cc5293a8dfa66d423345922ce
a049e63721138860de8672b45ca343910efb9a70fa9fa95d1fdcc2b77a0862d8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3bT/27mJf/universal.min.js?v=3.1.620 HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: application/javascript
last-modified: Wed, 28 May 2025 11:32:38 GMT
etag: W/"6836f456-10869"
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

wearychallengeraise.com/pixel/purst?dl=0&th=0&sc=0&rs=1368&rd=1368&fd=556&bv=25.5.2579&tmpl=70

192.243.59.13

200 OK

0 B

URL GET
wearychallengeraise.com/pixel/purst?dl=0&th=0&sc=0&rs=1368&rd=1368&fd=556&bv=25.5.2579&tmpl=70
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectwearychallengeraise.com
Fingerprint59:0D:D9:8E:52:01:C0:D1:1E:83:C9:8F:D9:E2:AA:FF:AF:B7:B8:51
ValiditySun, 20 Apr 2025 03:17:43 GMT - Sat, 19 Jul 2025 03:17:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1368&rd=1368&fd=556&bv=25.5.2579&tmpl=70 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:23 GMT
Content-Length: 0
Connection: keep-alive
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

sportsloverss.online/favicon.ico

104.21.80.1

404 Not Found

315 B

URL GET
sportsloverss.online/favicon.ico
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
HTML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 07 Jun 2025 16:55:23 GMT
content-type: text/html; charset=iso-8859-1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nkx%2By4qGBQTv9KBeWEXwZ1%2FRW%2FuozgiPyS9jNudlyCJV4u2RuTvUcBOveNA%2BLE8aKgjM5yY6JPU%2Fn32JoseKNBwPbHdKAKQbPysD8NI9IdQ6wGlbenndbDPY0ykrblwyX6GfPFZtEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 94c1ad4268a70b55-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3237&min_rtt=606&rtt_var=1400&sent=104&recv=149&lost=0&retrans=0&sent_bytes=14380&recv_bytes=8767&delivery_rate=1271182&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=2ec75cf4c43e9811&ts=1852&inflight_dur=39&x=80"

youradexchange.com/script/suurl5.php?r=6707202&cbur=0.18922916449137595&cbiframe=1&cbWidth=710&cbHeight=480&cbtitle=&cbpage=https%3A%2F%2Fsportsloverss.online%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=jzwfaybzrhusx.tech&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1749315324044&srs=ab32a3fa87b6c640773829169452c1a6&atv=62.1&abtg=1&adbv=3-cdn-js

104.18.25.98

200 OK

965 B

URL GET
youradexchange.com/script/suurl5.php?r=6707202&cbur=0.18922916449137595&cbiframe=1&cbWidth=710&cbHeight=480&cbtitle=&cbpage=https%3A%2F%2Fsportsloverss.online%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=jzwfaybzrhusx.tech&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1749315324044&srs=ab32a3fa87b6c640773829169452c1a6&atv=62.1&abtg=1&adbv=3-cdn-js
IP
104.18.25.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint5D:6F:35:ED:36:A9:D9:F7:69:BE:71:FD:6E:3A:C4:28:3D:88:9D:58
ValiditySun, 01 Jun 2025 20:52:12 GMT - Sat, 30 Aug 2025 21:51:56 GMT

File type
JSON text data
Size
965 B (965 bytes)
Hash
c302be6ca71f2da8fecaa28b876ea4c5
1886e7f6f835a26c4c4f8b2a4f221e729c151f81
a88591dd4aec5f8d5cc746fd61fa5fda8fefd1c72d1c10c5917ec5e036eb757c

HTTP Headers

GET /script/suurl5.php?r=6707202&cbur=0.18922916449137595&cbiframe=1&cbWidth=710&cbHeight=480&cbtitle=&cbpage=https%3A%2F%2Fsportsloverss.online%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=jzwfaybzrhusx.tech&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1749315324044&srs=ab32a3fa87b6c640773829169452c1a6&atv=62.1&abtg=1&adbv=3-cdn-js HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportstreamslife.shop/
Origin: https://sportstreamslife.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 94c1ad481ae756b4-OSL
X-Firefox-Spdy: h2

madurird.com/wrr?z=9384830&p_rid=5f71868c-592e-4217-b39b-db55b312837d&rb=woAGHwnmhkGM_605g-b_VcJ9kQ7PAuvpOSYOnwQjxsvETLjRwGF--OHbeosa092bEZm1P_pP3xGw5OI0yQI3kimesre7Tibw7Im1CNMs8Fu9OLSmRltWy94415-VC405kbNx0E-RoAHDKolAjQcdZPmrP_sB1OdjyFxELzqEgKS1iOOFX96GkfFbyjE7S_nkK7sNLLyGgUC0HzU60vluShhUqSboRg_hWP0EGF1GZRNYvh6pUV3jsZGG4EsaLpT4QPDU664g4fVCdlclV1084BmpMXs6JALXhHDtigj0nOPjlrHa&dmn=madurird.com&userId=0081e15845a4400be196798785c7a553

139.45.197.106

204 No Content

0 B

URL OPTIONS
madurird.com/wrr?z=9384830&p_rid=5f71868c-592e-4217-b39b-db55b312837d&rb=woAGHwnmhkGM_605g-b_VcJ9kQ7PAuvpOSYOnwQjxsvETLjRwGF--OHbeosa092bEZm1P_pP3xGw5OI0yQI3kimesre7Tibw7Im1CNMs8Fu9OLSmRltWy94415-VC405kbNx0E-RoAHDKolAjQcdZPmrP_sB1OdjyFxELzqEgKS1iOOFX96GkfFbyjE7S_nkK7sNLLyGgUC0HzU60vluShhUqSboRg_hWP0EGF1GZRNYvh6pUV3jsZGG4EsaLpT4QPDU664g4fVCdlclV1084BmpMXs6JALXhHDtigj0nOPjlrHa&dmn=madurird.com&userId=0081e15845a4400be196798785c7a553
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectmadurird.com
FingerprintE6:F5:25:47:3F:87:05:23:96:F8:35:FA:1C:BC:79:F8:B3:85:26:2D
ValiditySat, 19 Apr 2025 05:46:37 GMT - Fri, 18 Jul 2025 05:46:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /wrr?z=9384830&p_rid=5f71868c-592e-4217-b39b-db55b312837d&rb=woAGHwnmhkGM_605g-b_VcJ9kQ7PAuvpOSYOnwQjxsvETLjRwGF--OHbeosa092bEZm1P_pP3xGw5OI0yQI3kimesre7Tibw7Im1CNMs8Fu9OLSmRltWy94415-VC405kbNx0E-RoAHDKolAjQcdZPmrP_sB1OdjyFxELzqEgKS1iOOFX96GkfFbyjE7S_nkK7sNLLyGgUC0HzU60vluShhUqSboRg_hWP0EGF1GZRNYvh6pUV3jsZGG4EsaLpT4QPDU664g4fVCdlclV1084BmpMXs6JALXhHDtigj0nOPjlrHa&dmn=madurird.com&userId=0081e15845a4400be196798785c7a553 HTTP/1.1
Host: madurird.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

grookilteepsou.net/event

139.45.197.122

200 OK

0 B

URL OPTIONS
grookilteepsou.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jun 2025 00:24:14 GMT
expires: Sat, 06 Jun 2026 00:24:14 GMT
cache-control: public, max-age=31536000
age: 145875
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

glempirteechacm.com/impression/SWDM8N9jlTrEM3LKkjfVhxEBw3217vXdH-lBLCFRPpI5gAKWSIuQqO_ulFaOokSS70-twkEBMveM0ghAXArZ4ywbO58EzmRD_ky17E38u6PejI231Ufgyxl3i8_g9Qn3TSnjs3eOyiaZ0ATmMj8PVty3t_DNbxlMoPJ8vKKCskT0RaafMc5WybZYBGEcx4a1ObGidZdogdmpLgr2Ia43kh9h6iOoPZH7tr6U8OuEVSB9iJBEoJnOjWAcKV-WaUkUNaxYXm9o6Wa70marydAL-yKZs-LAQhZgy6RQnjiKQKa3lQz66FbYo2bQUa84qfqjJepJNuY3OKXERE75WsNtEUr5fjMBWfMR7lsTsbdroLG29jAHVkT4dTsaBTWAU95JrUe1GevFKm_0OPrMk4GxmJAFKtV-3EURbh9_2d01qp9jivM6Hs7zdTD_whEbA5HsjbqGxzAh4duK3XLidMWFhEs7qehVh-8TKs3iyBpGjQa-yBdRVuT0Q67h3NI-2XpimcKxggrMDtha_r_jOuGc3bCqEKpDbfXd6Kkyenq9iDrGwL7kKkupJued3XKRyF8cIURlvzOxqYXJmEDzgx8ALlB9GflTlH_8GBACRJnP6kqWkOqiEy7hzeFkWztO2OrDRWNBslK0AO5kE9NjxCVeJttDqwz96h66ZwF38sMAjV5_dEPoqbamfAsXEY2M_pw7Tq9AUplWos3UzpDIyxNuxSd3YyugD1T2iq2jeWTLydiY838QRgntmQ==?_z=9407007&js_build=8&sw_version=v1.644.0&dmn=glempirteechacm.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.106

200 OK

43 B

URL GET
glempirteechacm.com/impression/SWDM8N9jlTrEM3LKkjfVhxEBw3217vXdH-lBLCFRPpI5gAKWSIuQqO_ulFaOokSS70-twkEBMveM0ghAXArZ4ywbO58EzmRD_ky17E38u6PejI231Ufgyxl3i8_g9Qn3TSnjs3eOyiaZ0ATmMj8PVty3t_DNbxlMoPJ8vKKCskT0RaafMc5WybZYBGEcx4a1ObGidZdogdmpLgr2Ia43kh9h6iOoPZH7tr6U8OuEVSB9iJBEoJnOjWAcKV-WaUkUNaxYXm9o6Wa70marydAL-yKZs-LAQhZgy6RQnjiKQKa3lQz66FbYo2bQUa84qfqjJepJNuY3OKXERE75WsNtEUr5fjMBWfMR7lsTsbdroLG29jAHVkT4dTsaBTWAU95JrUe1GevFKm_0OPrMk4GxmJAFKtV-3EURbh9_2d01qp9jivM6Hs7zdTD_whEbA5HsjbqGxzAh4duK3XLidMWFhEs7qehVh-8TKs3iyBpGjQa-yBdRVuT0Q67h3NI-2XpimcKxggrMDtha_r_jOuGc3bCqEKpDbfXd6Kkyenq9iDrGwL7kKkupJued3XKRyF8cIURlvzOxqYXJmEDzgx8ALlB9GflTlH_8GBACRJnP6kqWkOqiEy7hzeFkWztO2OrDRWNBslK0AO5kE9NjxCVeJttDqwz96h66ZwF38sMAjV5_dEPoqbamfAsXEY2M_pw7Tq9AUplWos3UzpDIyxNuxSd3YyugD1T2iq2jeWTLydiY838QRgntmQ==?_z=9407007&js_build=8&sw_version=v1.644.0&dmn=glempirteechacm.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectglempirteechacm.com
Fingerprint51:89:C2:30:06:BF:A8:71:E7:A4:F8:CD:8F:A9:31:DE:A9:CC:63:67
ValidityTue, 13 May 2025 05:47:53 GMT - Mon, 11 Aug 2025 05:47:52 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/SWDM8N9jlTrEM3LKkjfVhxEBw3217vXdH-lBLCFRPpI5gAKWSIuQqO_ulFaOokSS70-twkEBMveM0ghAXArZ4ywbO58EzmRD_ky17E38u6PejI231Ufgyxl3i8_g9Qn3TSnjs3eOyiaZ0ATmMj8PVty3t_DNbxlMoPJ8vKKCskT0RaafMc5WybZYBGEcx4a1ObGidZdogdmpLgr2Ia43kh9h6iOoPZH7tr6U8OuEVSB9iJBEoJnOjWAcKV-WaUkUNaxYXm9o6Wa70marydAL-yKZs-LAQhZgy6RQnjiKQKa3lQz66FbYo2bQUa84qfqjJepJNuY3OKXERE75WsNtEUr5fjMBWfMR7lsTsbdroLG29jAHVkT4dTsaBTWAU95JrUe1GevFKm_0OPrMk4GxmJAFKtV-3EURbh9_2d01qp9jivM6Hs7zdTD_whEbA5HsjbqGxzAh4duK3XLidMWFhEs7qehVh-8TKs3iyBpGjQa-yBdRVuT0Q67h3NI-2XpimcKxggrMDtha_r_jOuGc3bCqEKpDbfXd6Kkyenq9iDrGwL7kKkupJued3XKRyF8cIURlvzOxqYXJmEDzgx8ALlB9GflTlH_8GBACRJnP6kqWkOqiEy7hzeFkWztO2OrDRWNBslK0AO5kE9NjxCVeJttDqwz96h66ZwF38sMAjV5_dEPoqbamfAsXEY2M_pw7Tq9AUplWos3UzpDIyxNuxSd3YyugD1T2iq2jeWTLydiY838QRgntmQ==?_z=9407007&js_build=8&sw_version=v1.644.0&dmn=glempirteechacm.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=5&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: glempirteechacm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: OAID=0081e15845a4400be196798785c7a553
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:29 GMT
content-type: image/gif
content-length: 43
x-trace-id: 508aa6f8765714ebdf8d975c89efdbb3
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

pl26816535.profitableratecpm.com/24/12/29/241229b746680fef8f280280d57d155e.js

192.243.59.20

200 OK

65 kB

URL GET
pl26816535.profitableratecpm.com/24/12/29/241229b746680fef8f280280d57d155e.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectprofitableratecpm.com
FingerprintF0:1C:19:8E:0A:66:67:96:FE:65:D1:76:02:CD:A0:DD:D4:3B:88:9E
ValidityFri, 06 Jun 2025 21:52:23 GMT - Thu, 04 Sep 2025 21:52:22 GMT

File type
JavaScript source, ASCII text, with very long lines (64950), with no line terminators
Size
65 kB (64950 bytes)
Hash
ca34460e0ef7ae718d9f22e925eeba8d
3fd9e0a957fcea046e76950415147a2a202a8857
49efd00dd3acc4332d3f9a8bd2363cdc24f34f2910ddd1855b94401e739e0354

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /24/12/29/241229b746680fef8f280280d57d155e.js HTTP/1.1
Host: pl26816535.profitableratecpm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:22 GMT
Content-Type: application/javascript
Content-Length: 23634
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: pl26816535.profitableratecpm.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d925c271edb570905b8b39695500dc2d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

madurird.com/5/9384830

139.45.197.106

200 OK

113 kB

URL GET
madurird.com/5/9384830
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectmadurird.com
FingerprintE6:F5:25:47:3F:87:05:23:96:F8:35:FA:1C:BC:79:F8:B3:85:26:2D
ValiditySat, 19 Apr 2025 05:46:37 GMT - Fri, 18 Jul 2025 05:46:36 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
113 kB (112594 bytes)
Hash
b7e1b19460b0202cc0752dcc01dcc1a7
f02380625ed9614233ea2460476e29a8f7cfdb55
3009231eeace0d35f217d1a45df70e28bdc2b1b9c34c4c9051a6b83d2402d1ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/9384830 HTTP/1.1
Host: madurird.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: application/javascript
x-trace-id: cd5af67475f5f9b4b00e657ed640c429
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://e2ertt.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0081e1ead1bb4924fdbc04a807bf4fb2; expires=Sun, 07 Jun 2026 16:55:21 GMT; path=/; secure; SameSite=None
oaidts=1749315321; expires=Sun, 07 Jun 2026 16:55:21 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

sportsloverss.online/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1

104.21.80.1

200 OK

19 kB

URL GET
sportsloverss.online/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
JavaScript source, ASCII text, with very long lines (16290)
Size
19 kB (19264 bytes)
Hash
1dafa7fe14b33c26fef9b0e5ba0c8e72
62f67cdac55d89c43570bf0c338f4edf548b14e1
50cc1a0490008ec62ca8b581fa9cdcfb2eda2d36a08ccbeb1f004da599e9cc61

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.8.1 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 16:55:23 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vwbtgy7cqS7S%2FwrB3lXV3LesZy2SUBNjXZB%2BOkql56aVNv6y95HfIng2tQJtVnkLLAMui0q0HOiygHWNchmDWdRqxMyRqXX80VVx8dF08uLI0XpjZKkgRyXT9uTpC3zvSeOjnMILfA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 18 Mar 2025 03:01:26 GMT
age: 6358
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94c1ad4168a10b55-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3314&min_rtt=606&rtt_var=1661&sent=97&recv=147&lost=0&retrans=0&sent_bytes=8411&recv_bytes=8431&delivery_rate=670570&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=2ec75cf4c43e9811&ts=1548&inflight_dur=34&x=80"

eehassoosostoa.com/401/9407006

139.45.197.107

200 OK

162 kB

URL GET
eehassoosostoa.com/401/9407006
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjecteehassoosostoa.com
Fingerprint01:46:44:F3:28:40:0F:8C:B3:03:88:62:28:07:5D:E9:8D:B4:C1:5A
ValidityTue, 13 May 2025 05:48:38 GMT - Mon, 11 Aug 2025 05:48:37 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
162 kB (162163 bytes)
Hash
4e03ccdf896176bf318e19535c6a65f2
bfca24c13357eddc9c91aa249c9d37e623c36f0f
b7da25d61a8f58b4a7edb5fc7b4de73a19c6471144f09a4eba5cb12e9e3781b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/9407006 HTTP/1.1
Host: eehassoosostoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: application/javascript
x-trace-id: 4225d31498386e10a59502b2510e0062
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301e1c14e104ca1fd77b67c3b34120b; expires=Sun, 07 Jun 2026 16:55:24 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.107

200 OK

0 B

URL OPTIONS
roagrofoogrobo.com/500/9407005?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectroagrofoogrobo.com
FingerprintC7:CB:1C:71:86:21:01:54:9C:53:21:D6:A5:5E:65:12:E9:E8:E6:6B
ValidityTue, 13 May 2025 05:45:01 GMT - Mon, 11 Aug 2025 05:45:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/9407005?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: roagrofoogrobo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:27 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://sportsloverss.online
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

roagrofoogrobo.com/impression/2KxuZL-TplyVJZmkqKSIxStlUP-hD9U2TjOuRhXKcV5EY7k8OumyMi9QgSoGPxv6hHDZ5SDDrJOLbK4aTE3EcFD8YNRyxzK5YcooWUq-Ng51cZRFH2ocCaIYXRrzs5uanQXgj81_bagl-n0wEj6hVhpv3PJ9DKJUFfnjugHjYkbVd6FwCL_l99nA6WvxOoYOtd2-O6GjjJybk4DSf-ZqMJHmcaSBBQPEqukZbJeI4-v0BnkEat5TVawV3HiqVSNvfSbacDHZsonF-ruL4RUv7b_S4gTs8rGvR98AJfqBbko6NnZ5V6wrX7hBJ7gTpQBDPbZkH09nIyeL1sRRN0nycdsEYNkb-HQklPHIZu3Cho1cNKdr2OP5g_4O3XhNaM1izLwyVqx6JdkpX_q277F4ATPJBocTKC4FFymuKUmdy9DAS4QTio698rCVItxoaydpgwowlzK6JQIq6w1sY8u0QNcHo2vmU4v6Bl4xpu6lvmGnEJA8hkIoYQ8SSWDBZsJciCf_Tpt73-XKwLUMH7q9dVrWq5IaCvT1oWlD83palDJkYeZfRTsXdFiCXBy4-ArliL7tZiwyNBCdZrY_C6L_3sEDsmpjuRTQ2GI2EcN-s3LKDVZmfpBFY4ZuE0zIwgozrPDX7-6jDiM_sGTEYGFb2snJk403rh1sOSv2UGg5J5kwwtxZiHun7U96QhFqwdSut9ZYZBuW4YXwy5iqfYTFjNygGi_aF0QMtv_jLJeX6fiNWa7qBYU7p7vlQj-9Qzkfcu9wFv-3qRypHmeiu0pXi41wbCAourOkatg_8bGwLdJviZZ6HAayisdhLALRyCkw4TB80kveJj8=?_z=9407005&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.107

200 OK

43 B

URL GET
roagrofoogrobo.com/impression/2KxuZL-TplyVJZmkqKSIxStlUP-hD9U2TjOuRhXKcV5EY7k8OumyMi9QgSoGPxv6hHDZ5SDDrJOLbK4aTE3EcFD8YNRyxzK5YcooWUq-Ng51cZRFH2ocCaIYXRrzs5uanQXgj81_bagl-n0wEj6hVhpv3PJ9DKJUFfnjugHjYkbVd6FwCL_l99nA6WvxOoYOtd2-O6GjjJybk4DSf-ZqMJHmcaSBBQPEqukZbJeI4-v0BnkEat5TVawV3HiqVSNvfSbacDHZsonF-ruL4RUv7b_S4gTs8rGvR98AJfqBbko6NnZ5V6wrX7hBJ7gTpQBDPbZkH09nIyeL1sRRN0nycdsEYNkb-HQklPHIZu3Cho1cNKdr2OP5g_4O3XhNaM1izLwyVqx6JdkpX_q277F4ATPJBocTKC4FFymuKUmdy9DAS4QTio698rCVItxoaydpgwowlzK6JQIq6w1sY8u0QNcHo2vmU4v6Bl4xpu6lvmGnEJA8hkIoYQ8SSWDBZsJciCf_Tpt73-XKwLUMH7q9dVrWq5IaCvT1oWlD83palDJkYeZfRTsXdFiCXBy4-ArliL7tZiwyNBCdZrY_C6L_3sEDsmpjuRTQ2GI2EcN-s3LKDVZmfpBFY4ZuE0zIwgozrPDX7-6jDiM_sGTEYGFb2snJk403rh1sOSv2UGg5J5kwwtxZiHun7U96QhFqwdSut9ZYZBuW4YXwy5iqfYTFjNygGi_aF0QMtv_jLJeX6fiNWa7qBYU7p7vlQj-9Qzkfcu9wFv-3qRypHmeiu0pXi41wbCAourOkatg_8bGwLdJviZZ6HAayisdhLALRyCkw4TB80kveJj8=?_z=9407005&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectroagrofoogrobo.com
FingerprintC7:CB:1C:71:86:21:01:54:9C:53:21:D6:A5:5E:65:12:E9:E8:E6:6B
ValidityTue, 13 May 2025 05:45:01 GMT - Mon, 11 Aug 2025 05:45:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/2KxuZL-TplyVJZmkqKSIxStlUP-hD9U2TjOuRhXKcV5EY7k8OumyMi9QgSoGPxv6hHDZ5SDDrJOLbK4aTE3EcFD8YNRyxzK5YcooWUq-Ng51cZRFH2ocCaIYXRrzs5uanQXgj81_bagl-n0wEj6hVhpv3PJ9DKJUFfnjugHjYkbVd6FwCL_l99nA6WvxOoYOtd2-O6GjjJybk4DSf-ZqMJHmcaSBBQPEqukZbJeI4-v0BnkEat5TVawV3HiqVSNvfSbacDHZsonF-ruL4RUv7b_S4gTs8rGvR98AJfqBbko6NnZ5V6wrX7hBJ7gTpQBDPbZkH09nIyeL1sRRN0nycdsEYNkb-HQklPHIZu3Cho1cNKdr2OP5g_4O3XhNaM1izLwyVqx6JdkpX_q277F4ATPJBocTKC4FFymuKUmdy9DAS4QTio698rCVItxoaydpgwowlzK6JQIq6w1sY8u0QNcHo2vmU4v6Bl4xpu6lvmGnEJA8hkIoYQ8SSWDBZsJciCf_Tpt73-XKwLUMH7q9dVrWq5IaCvT1oWlD83palDJkYeZfRTsXdFiCXBy4-ArliL7tZiwyNBCdZrY_C6L_3sEDsmpjuRTQ2GI2EcN-s3LKDVZmfpBFY4ZuE0zIwgozrPDX7-6jDiM_sGTEYGFb2snJk403rh1sOSv2UGg5J5kwwtxZiHun7U96QhFqwdSut9ZYZBuW4YXwy5iqfYTFjNygGi_aF0QMtv_jLJeX6fiNWa7qBYU7p7vlQj-9Qzkfcu9wFv-3qRypHmeiu0pXi41wbCAourOkatg_8bGwLdJviZZ6HAayisdhLALRyCkw4TB80kveJj8=?_z=9407005&js_build=8&sw_version=v1.644.0&dmn=roagrofoogrobo.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: roagrofoogrobo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: OAID=0081e15845a4400be196798785c7a553
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:32 GMT
content-type: image/gif
content-length: 43
x-trace-id: 7d2d80f4f6f46585a83206730dc85eeb
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

www.highperformanceformat.com/f591db634d24e75b9d8ac135133ca656/invoke.js

172.240.127.234

200 OK

27 kB

URL GET
www.highperformanceformat.com/f591db634d24e75b9d8ac135133ca656/invoke.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjecthighperformanceformat.com
Fingerprint0D:9E:3E:81:0C:42:53:B9:28:FB:59:10:B5:41:9D:C8:F5:17:CE:E5
ValiditySun, 13 Apr 2025 21:41:53 GMT - Sat, 12 Jul 2025 21:41:52 GMT

File type
JavaScript source, ASCII text, with very long lines (27393), with no line terminators
Size
27 kB (27393 bytes)
Hash
f3aa6d16ca1a8ae70745aed597d91f80
6999a73f347c9f959d54088925f95ec0ba01e1e8
f9d0eb14db9778659074757c18c832fe9471ac64b360697916ebff6b3db8c248

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f591db634d24e75b9d8ac135133ca656/invoke.js HTTP/1.1
Host: www.highperformanceformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Jun 2025 16:55:22 GMT
Content-Type: application/javascript
Content-Length: 11519
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 8
Host: www.highperformanceformat.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: b467c935a6790f8f10b39d4b977b5dff
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

capaciousdrewreligion.com/advertisers.js

185.196.197.72

200 OK

0 B

URL GET
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint4C:9A:D1:39:AD:B4:C8:D5:6E:A1:5A:54:6F:88:D5:0F:D1:C6:5A:06
ValidityFri, 02 May 2025 21:09:09 GMT - Thu, 31 Jul 2025 21:09:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Jun 2025 16:55:24 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 38ff1a872227109115ce8d6d295666f4
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

grookilteepsou.net/zone?pub=0&zone_id=9407008&is_mobile=false&domain=sportsloverss.online&var=&ymid=&var_3=&tg=0&sw=3.1.620&drf=

139.45.197.122

200 OK

511 B

URL GET
grookilteepsou.net/zone?pub=0&zone_id=9407008&is_mobile=false&domain=sportsloverss.online&var=&ymid=&var_3=&tg=0&sw=3.1.620&drf=
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type
JSON text data
Size
511 B (511 bytes)
Hash
acfb17749142b8a2b94e5eee0e8103f0
b665242beaa8ad2625f16ba9a4008c752cb204a9
2a5c7827bd4fcd760f4e45617fc098b42ed75d5627c9744dc0d3399678663786

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /zone?pub=0&zone_id=9407008&is_mobile=false&domain=sportsloverss.online&var=&ymid=&var_3=&tg=0&sw=3.1.620&drf= HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: application/json; charset=utf-8
content-length: 511
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

stouwhoafap.com/

139.45.196.63

200 OK

8 B

URL OPTIONS
stouwhoafap.com/
IP
139.45.196.63:443
ASN
#9002 RETN Limited

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerLet's Encrypt
Subjectstouwhoafap.com
FingerprintEA:33:C8:F8:8D:16:53:AD:A2:91:CA:CF:DA:DF:C5:CC:DA:17:44:16
ValiditySat, 07 Jun 2025 00:08:14 GMT - Fri, 05 Sep 2025 00:08:13 GMT

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
3bbbac058fc4ed9e8078f0318d31d9fa
fb3f78865eac1bdd3406f00b9cae5c6cdf6211b8
3938c63e8b782001c4b451b439634c1380b1e262d919e11ba7374862835d83e4

HTTP Headers

OPTIONS / HTTP/1.1
Host: stouwhoafap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: favicon
Referer: https://sportstreamslife.shop/
Origin: https://sportstreamslife.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:25 GMT
content-type: application/octet-stream
content-length: 8
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, favicon
X-Firefox-Spdy: h2

grookilteepsou.net/event

139.45.197.122

200 OK

81 B

URL POST
grookilteepsou.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type
JSON text data
Size
81 B (81 bytes)
Hash
02faae8cd64050289413d937fb82a4a2
34b6599dae194320c61324c08c467ca632805c48
9aff17dab5d05f3aaab191bfe9425e711f7edd1e8c94fd4ad9aadaa923dd8d94

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportsloverss.online/
Content-Type: application/json
Content-Length: 362
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

invadedisheartentrail.com/pixel/sbs?c=1

192.243.59.13

200 OK

0 B

URL GET
invadedisheartentrail.com/pixel/sbs?c=1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26716036=1; slec241229b746680fef8f280280d57d155e=[3078207]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:28 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

yv.nudecorvees.com/r0ByO1XQJMkGr5/69521

23.109.170.27

200 OK

5 B

URL GET
yv.nudecorvees.com/r0ByO1XQJMkGr5/69521
IP
23.109.170.27:443
ASN
#7979 SERVERS-COM

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerLet's Encrypt
Subjectyv.nudecorvees.com
FingerprintC2:10:10:6A:64:1F:5C:A0:D2:76:6D:E5:D3:29:D1:01:BB:B9:E5:9E
ValidityThu, 29 May 2025 06:32:42 GMT - Wed, 27 Aug 2025 06:32:41 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
848667c49f5d3aef59cd65ed276cd7ae
bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763
cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /r0ByO1XQJMkGr5/69521 HTTP/1.1
Host: yv.nudecorvees.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 07 Jun 2025 16:55:23 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sportstreamslife.shop
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Sun, 08-Jun-2025 16:55:23 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 08-Jun-2025 16:55:23 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

pubtrky.com/ut/hb.php?cb=0.4067007700768802&v=1

104.21.8.108

204 No Content

0 B

URL POST
pubtrky.com/ut/hb.php?cb=0.4067007700768802&v=1
IP
104.21.8.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerGoogle Trust Services
Subjectpubtrky.com
FingerprintD1:DF:C8:94:03:32:97:45:6F:1A:E3:AD:EE:EC:22:B8:E7:5C:6F:27
ValidityMon, 05 May 2025 10:34:21 GMT - Sun, 03 Aug 2025 11:31:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.4067007700768802&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 831
Origin: https://sportstreamslife.shop
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sat, 07 Jun 2025 16:55:24 GMT
server: cloudflare
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BJfXQYOrCzvwPkyHSMYm0aFX9j%2BnWWX%2FlA%2Bua0Gh6R0JMfvIyRuGVqItJWkTQv9%2FSqZfY8S2ah%2FWjPSBjriaIDW%2BdPfGzD281A%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94c1ad48ebdb56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jun 2025 00:24:14 GMT
expires: Sat, 06 Jun 2026 00:24:14 GMT
cache-control: public, max-age=31536000
age: 145875
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

139.45.197.107

200 OK

6.0 kB

URL GET
eehassoosostoa.com/500/9407006?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=eehassoosostoa.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjecteehassoosostoa.com
Fingerprint01:46:44:F3:28:40:0F:8C:B3:03:88:62:28:07:5D:E9:8D:B4:C1:5A
ValidityTue, 13 May 2025 05:48:38 GMT - Mon, 11 Aug 2025 05:48:37 GMT

File type
JSON text data
Size
6.0 kB (5997 bytes)
Hash
0d9bec13d62ff37f68435da503b1b496
e834760b626c44b57add249637f57e8eea790f6f
cfd6b6c323d6ff0f2261343e3f314408a9e7c7b4b7669031aa84848d72538dbe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/9407006?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=eehassoosostoa.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=6&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: eehassoosostoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: OAID=0301e1c14e104ca1fd77b67c3b34120b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:35 GMT
content-type: application/javascript
x-trace-id: 9fb5ca04327e198752a93f2bef2ba0d4
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://sportsloverss.online
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0081e15845a4400be196798785c7a553; expires=Sun, 07 Jun 2026 16:55:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

wearychallengeraise.com/pixel/pure

192.243.59.13

204 No Content

0 B

URL OPTIONS
wearychallengeraise.com/pixel/pure
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectwearychallengeraise.com
Fingerprint59:0D:D9:8E:52:01:C0:D1:1E:83:C9:8F:D9:E2:AA:FF:AF:B7:B8:51
ValiditySun, 20 Apr 2025 03:17:43 GMT - Sat, 19 Jul 2025 03:17:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /pixel/pure HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:24 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

cdn.storageimagedisplay.com/cti/13/7c/c8/137cc8e201b2cedad58d986ae65bfac7/1708270647.jpg

45.133.44.1

200 OK

79 kB

URL GET
cdn.storageimagedisplay.com/cti/13/7c/c8/137cc8e201b2cedad58d986ae65bfac7/1708270647.jpg
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
Fingerprint7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
ValiditySun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 13:54:47], progressive, precision 8, 728x90, components 3
Size
79 kB (78744 bytes)
Hash
ac586259b46ad0eb0380efdf19895477
88692fbf3d4df861c355996a78f64d8930fda539
25d86635d08522d65c823e3996783f4d4bd5a7e6fd715c87534684caf989dfa1

HTTP Headers

GET /cti/13/7c/c8/137cc8e201b2cedad58d986ae65bfac7/1708270647.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:28 GMT
content-type: image/jpeg
content-length: 78744
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:37:35 GMT
etag: "65d2243f-13398"
expires: Mon, 09 Jun 2025 16:55:28 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

invadedisheartentrail.com/pixel/purst?dl=0&th=0&sc=0&rs=1299&rd=1299&fd=505&bv=25.5.2579&tmpl=70

192.243.59.13

200 OK

0 B

URL GET
invadedisheartentrail.com/pixel/purst?dl=0&th=0&sc=0&rs=1299&rd=1299&fd=505&bv=25.5.2579&tmpl=70
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1299&rd=1299&fd=505&bv=25.5.2579&tmpl=70 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:24 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

139.45.197.106

204 No Content

0 B

URL POST
madurird.com/wrr?z=9384830&p_rid=5f71868c-592e-4217-b39b-db55b312837d&rb=woAGHwnmhkGM_605g-b_VcJ9kQ7PAuvpOSYOnwQjxsvETLjRwGF--OHbeosa092bEZm1P_pP3xGw5OI0yQI3kimesre7Tibw7Im1CNMs8Fu9OLSmRltWy94415-VC405kbNx0E-RoAHDKolAjQcdZPmrP_sB1OdjyFxELzqEgKS1iOOFX96GkfFbyjE7S_nkK7sNLLyGgUC0HzU60vluShhUqSboRg_hWP0EGF1GZRNYvh6pUV3jsZGG4EsaLpT4QPDU664g4fVCdlclV1084BmpMXs6JALXhHDtigj0nOPjlrHa&dmn=madurird.com&userId=0081e15845a4400be196798785c7a553
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectmadurird.com
FingerprintE6:F5:25:47:3F:87:05:23:96:F8:35:FA:1C:BC:79:F8:B3:85:26:2D
ValiditySat, 19 Apr 2025 05:46:37 GMT - Fri, 18 Jul 2025 05:46:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /wrr?z=9384830&p_rid=5f71868c-592e-4217-b39b-db55b312837d&rb=woAGHwnmhkGM_605g-b_VcJ9kQ7PAuvpOSYOnwQjxsvETLjRwGF--OHbeosa092bEZm1P_pP3xGw5OI0yQI3kimesre7Tibw7Im1CNMs8Fu9OLSmRltWy94415-VC405kbNx0E-RoAHDKolAjQcdZPmrP_sB1OdjyFxELzqEgKS1iOOFX96GkfFbyjE7S_nkK7sNLLyGgUC0HzU60vluShhUqSboRg_hWP0EGF1GZRNYvh6pUV3jsZGG4EsaLpT4QPDU664g4fVCdlclV1084BmpMXs6JALXhHDtigj0nOPjlrHa&dmn=madurird.com&userId=0081e15845a4400be196798785c7a553 HTTP/1.1
Host: madurird.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportsloverss.online/
content-type: application/json
Content-Length: 2607
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

192.243.59.13

200 OK

0 B

URL GET
invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=151
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=151 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26716036=1; slec241229b746680fef8f280280d57d155e=[3078207]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:27 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

experttrafficcounter.com/stats

52.58.57.192

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.58.57.192:443
ASN
#16509 AMAZON-02

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a84401bc2d39b5af3d3da3f85f22d15d
ced66181b44142fd24e487f4cc10e24d4eee9437
4856848eb6bb408eca922134bcf46ed63d6d6837d77edc93e5e4f2db5484fa4a

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: uid_id2=3b2579d3-8349-402a-bf12-8951952eba03:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:25 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sportsloverss.online
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

sportsloverss.online/wp-content/themes/newspaperly/js/skip-link-focus-fix.js?ver=20170823

104.21.80.1

200 OK

685 B

URL GET
sportsloverss.online/wp-content/themes/newspaperly/js/skip-link-focus-fix.js?ver=20170823
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
ASCII text
Size
685 B (685 bytes)
Hash
93d421fd7576b0ca9c359ffe2fa16113
eacce35258f14fcd79bea2bc23f4140d25874322
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

HTTP Headers

GET /wp-content/themes/newspaperly/js/skip-link-focus-fix.js?ver=20170823 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/javascript
server: cloudflare
last-modified: Tue, 27 May 2025 08:29:56 GMT
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Zab6xl5GcAWr4bQZ%2FTJ8FoRE89m7vEWjuwQJ7pzHfo26X4JDvmAARG5LCziKkmfq1JnEweKgSPWuGDCwOO0SroSzLMX5w8K3DvwW7tRDld3tPQ%3D%3D"}]}
age: 6358
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94c1ad39696756c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

experttrafficcounter.com/stats

52.58.57.192

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.58.57.192:443
ASN
#16509 AMAZON-02

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
8e871987b0629f2411d7b1ca62c8a1c7
862b3e0605b6ad8748062c923180cab741adc547
ecdebd37cd1ff0ec78ce8ef7d6b12707d64675a0700a212df13d13c6999de53d

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sportsloverss.online
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=357bd289-062e-4357-bcd0-5f8c899cb05a:3:1; expires=Tue, 05 Jun 2035 16:55:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

grookilteepsou.net/event

139.45.197.122

200 OK

0 B

URL OPTIONS
grookilteepsou.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

sportsloverss.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

104.21.80.1

200 OK

14 kB

URL GET
sportsloverss.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/javascript
server: cloudflare
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=8rgzZ5OB1hqDO7WKXmN7UsYoxXvmwh5wg1oV4UtK%2BnkxKS3wyuZI%2FZTn33KMX3d5SL4Y57R8rsEYOgLhlwlvBOT4sODESS15Lddl6yq7Mg9P7g%3D%3D"}]}
age: 6358
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94c1ad39695e56c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

grookilteepsou.net/event

139.45.197.122

200 OK

81 B

URL POST
grookilteepsou.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type
JSON text data
Size
81 B (81 bytes)
Hash
ca53211ef1ebbb2754fa98f5ae20bb5c
fe5136e13b6a419cf428a8957a68b123dbb30339
ffe350b8073ebb56cf8ec765a4d89795b17b7401c2fce9c5bf14177fc0e79367

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportsloverss.online/
Content-Type: application/json
Content-Length: 988
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

glempirteechacm.com/500/9407007?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=glempirteechacm.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.106

200 OK

0 B

URL OPTIONS
glempirteechacm.com/500/9407007?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=glempirteechacm.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectglempirteechacm.com
Fingerprint51:89:C2:30:06:BF:A8:71:E7:A4:F8:CD:8F:A9:31:DE:A9:CC:63:67
ValidityTue, 13 May 2025 05:47:53 GMT - Mon, 11 Aug 2025 05:47:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/9407007?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=glempirteechacm.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: glempirteechacm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:27 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://sportsloverss.online
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

invadedisheartentrail.com/impr.gif?sid=H4sIAAAAAAAC_1RSTYgcRRSu3gQ8BCL-YEAR-mhAJt09PbMz5hCMMRoSkzWJ7MFTdVf1bDnVXW1V_8zOaXFFchxPeqz9ZjeLMYjxLsqsF1kQMp72kL148SiI4iEHmdmRwQf9_r5-8L3v1Wc75TEJUdKjtffUUEhJL7QanvvausiYqo17867rew3vorsusnZ40R3MnK7e8JthwzvvvsPjvroQeL7n-Z7vXhWaJ2pwYY5C5A-7fqPrNcKg4bdCDPT_a1M6MNQBq47J8xBs-uxvyYcQ8QRZ-u0VbvqFyl9_Oy0lLZRGxfY_yPqZqjOkyzTRDpJsf_E3lJkS8uUKVLa_2ACq2p1tgEhMycpLTxBl-wuaiKq9E6aRBM8QsTOoqwm4nEDQCWK1DcEeEyBmuHkLWXr_ptI13TxB6QydktN__wlRT8npJy8iS7-5LMXAvaNkWQiVGQwSCzGYQPQmyMsDFMMViPoAcfEJBPuFeOfOIEsfvKsq0XcrrvsQzM41EMkEko9AjYNy9gkHZeKgzB2k7MgNvU4Y-7TZTrosXvVCGoaMR163E3ge7carKOMZwRGKfIRYjhDrLeR6C30xgi5_hNmwMMyBKabEeX8LFbOoOUFtCGpKUAuCuiCoK7vHpAmMvc-kKSN_EYNFbNqxKno7dE8VPZ4RUD2CZnZX5B-bbcTFqfEwMWysZo5GhR3TiNmd_Jg8N9PP-WL_U_T5kRuEfhB0o9Ww3e54CU86SdDxgo7HWqvMb7U4jLAQZmUuyFBMyfWnCXIxJee_-x0RPYCRB4jFC6Dlq6C1Bd2wGGaPTK50YaSquDamEasUTFnkxWkUm86OPCavzM_Y-OcSeHxIFoZYW-Ta4iPxE0FP3hvfVjXZva1qQx7dyguRiiGdnfhOQQvuPLjON2ul2bUrZvTVm_EMmKUP73JT3KAZE1nPkK8vC8a4vqp0zMn318w6j9ZKs3G51FmZ31h76-q1NNfcGKGyCah4fPYsYjElz_z81_zxnjt-GUJPoEuLtFwyFeoAcb4Fky97RhFouayj3EFd2rEOomVTCgLJlzWNLAw__OGP_4aW-VjT2TQVdsfcQ087oMU2stSi0haVtKByBFOeGhe5Prz0a3NuiKQzjqR2diOp5ecnIhtx5CZNHsSe11lt-81Owv1myOKk1Qm7rE29ZpOjMNONK9nTfwMAAP__4fg0M54EAAA=

192.243.59.13

200 OK

0 B

URL GET
invadedisheartentrail.com/impr.gif?sid=H4sIAAAAAAAC_1RSTYgcRRSu3gQ8BCL-YEAR-mhAJt09PbMz5hCMMRoSkzWJ7MFTdVf1bDnVXW1V_8zOaXFFchxPeqz9ZjeLMYjxLsqsF1kQMp72kL148SiI4iEHmdmRwQf9_r5-8L3v1Wc75TEJUdKjtffUUEhJL7QanvvausiYqo17867rew3vorsusnZ40R3MnK7e8JthwzvvvsPjvroQeL7n-Z7vXhWaJ2pwYY5C5A-7fqPrNcKg4bdCDPT_a1M6MNQBq47J8xBs-uxvyYcQ8QRZ-u0VbvqFyl9_Oy0lLZRGxfY_yPqZqjOkyzTRDpJsf_E3lJkS8uUKVLa_2ACq2p1tgEhMycpLTxBl-wuaiKq9E6aRBM8QsTOoqwm4nEDQCWK1DcEeEyBmuHkLWXr_ptI13TxB6QydktN__wlRT8npJy8iS7-5LMXAvaNkWQiVGQwSCzGYQPQmyMsDFMMViPoAcfEJBPuFeOfOIEsfvKsq0XcrrvsQzM41EMkEko9AjYNy9gkHZeKgzB2k7MgNvU4Y-7TZTrosXvVCGoaMR163E3ge7carKOMZwRGKfIRYjhDrLeR6C30xgi5_hNmwMMyBKabEeX8LFbOoOUFtCGpKUAuCuiCoK7vHpAmMvc-kKSN_EYNFbNqxKno7dE8VPZ4RUD2CZnZX5B-bbcTFqfEwMWysZo5GhR3TiNmd_Jg8N9PP-WL_U_T5kRuEfhB0o9Ww3e54CU86SdDxgo7HWqvMb7U4jLAQZmUuyFBMyfWnCXIxJee_-x0RPYCRB4jFC6Dlq6C1Bd2wGGaPTK50YaSquDamEasUTFnkxWkUm86OPCavzM_Y-OcSeHxIFoZYW-Ta4iPxE0FP3hvfVjXZva1qQx7dyguRiiGdnfhOQQvuPLjON2ul2bUrZvTVm_EMmKUP73JT3KAZE1nPkK8vC8a4vqp0zMn318w6j9ZKs3G51FmZ31h76-q1NNfcGKGyCah4fPYsYjElz_z81_zxnjt-GUJPoEuLtFwyFeoAcb4Fky97RhFouayj3EFd2rEOomVTCgLJlzWNLAw__OGP_4aW-VjT2TQVdsfcQ087oMU2stSi0haVtKByBFOeGhe5Prz0a3NuiKQzjqR2diOp5ecnIhtx5CZNHsSe11lt-81Owv1myOKk1Qm7rE29ZpOjMNONK9nTfwMAAP__4fg0M54EAAA=
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC_1RSTYgcRRSu3gQ8BCL-YEAR-mhAJt09PbMz5hCMMRoSkzWJ7MFTdVf1bDnVXW1V_8zOaXFFchxPeqz9ZjeLMYjxLsqsF1kQMp72kL148SiI4iEHmdmRwQf9_r5-8L3v1Wc75TEJUdKjtffUUEhJL7QanvvausiYqo17867rew3vorsusnZ40R3MnK7e8JthwzvvvsPjvroQeL7n-Z7vXhWaJ2pwYY5C5A-7fqPrNcKg4bdCDPT_a1M6MNQBq47J8xBs-uxvyYcQ8QRZ-u0VbvqFyl9_Oy0lLZRGxfY_yPqZqjOkyzTRDpJsf_E3lJkS8uUKVLa_2ACq2p1tgEhMycpLTxBl-wuaiKq9E6aRBM8QsTOoqwm4nEDQCWK1DcEeEyBmuHkLWXr_ptI13TxB6QydktN__wlRT8npJy8iS7-5LMXAvaNkWQiVGQwSCzGYQPQmyMsDFMMViPoAcfEJBPuFeOfOIEsfvKsq0XcrrvsQzM41EMkEko9AjYNy9gkHZeKgzB2k7MgNvU4Y-7TZTrosXvVCGoaMR163E3ge7carKOMZwRGKfIRYjhDrLeR6C30xgi5_hNmwMMyBKabEeX8LFbOoOUFtCGpKUAuCuiCoK7vHpAmMvc-kKSN_EYNFbNqxKno7dE8VPZ4RUD2CZnZX5B-bbcTFqfEwMWysZo5GhR3TiNmd_Jg8N9PP-WL_U_T5kRuEfhB0o9Ww3e54CU86SdDxgo7HWqvMb7U4jLAQZmUuyFBMyfWnCXIxJee_-x0RPYCRB4jFC6Dlq6C1Bd2wGGaPTK50YaSquDamEasUTFnkxWkUm86OPCavzM_Y-OcSeHxIFoZYW-Ta4iPxE0FP3hvfVjXZva1qQx7dyguRiiGdnfhOQQvuPLjON2ul2bUrZvTVm_EMmKUP73JT3KAZE1nPkK8vC8a4vqp0zMn318w6j9ZKs3G51FmZ31h76-q1NNfcGKGyCah4fPYsYjElz_z81_zxnjt-GUJPoEuLtFwyFeoAcb4Fky97RhFouayj3EFd2rEOomVTCgLJlzWNLAw__OGP_4aW-VjT2TQVdsfcQ087oMU2stSi0haVtKByBFOeGhe5Prz0a3NuiKQzjqR2diOp5ecnIhtx5CZNHsSe11lt-81Owv1myOKk1Qm7rE29ZpOjMNONK9nTfwMAAP__4fg0M54EAAA= HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26716036=1; slec241229b746680fef8f280280d57d155e=[3078207]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:28 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c3b799d0b771929a0f7b804e0fb284fa
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.10

200 OK

27 kB

URL GET
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text, with very long lines (1572)
Size
27 kB (26935 bytes)
Hash
c1dfd96443eb2be2a1f91f6adb6f9dbb
34fcc9ca9febd9112aeeb81b053d0d2bb6ab4b9c
59e10836dc5089dc4aa2f54b882ceb39184f2970d915a5de1a594d502876143a

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 07 Jun 2025 16:55:29 GMT
date: Sat, 07 Jun 2025 16:55:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bobapsoabauns.com/www/images/8248820be51a4f6edbd1ee6803dcf516.png

104.21.73.203

200 OK

81 kB

URL GET
bobapsoabauns.com/www/images/8248820be51a4f6edbd1ee6803dcf516.png
IP
104.21.73.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectbobapsoabauns.com
Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9
ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
81 kB (80673 bytes)
Hash
8248820be51a4f6edbd1ee6803dcf516
2601fe3fc86c80d8dae8161c1c989d9cc4efec83
cf4b4ed69365ee9d25dc5f88dec8bb275431a2bfbb996eb2175aa1381cb179e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /www/images/8248820be51a4f6edbd1ee6803dcf516.png HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 16:55:29 GMT
content-type: image/png
content-length: 80673
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=erlgwbzcIjr82Wh4MUDMuWY%2B%2BXFIhoujeqZ3CeN9V%2FmBvRw85U6vsF3a6hAeScBlN%2BQtZ%2BUCPqPf9Cfy6LADnwywSNUc6bFbmXpdIOHtQ%2FHCNdGslyF0g0VXR%2FwoPSKRY9k9uA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 05 Mar 2025 02:17:07 GMT
etag: "67c7b423-13b21"
expires: Sun, 08 Jun 2025 01:12:59 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 56550
cf-cache-status: HIT
cf-ray: 94c1ad6c1d5e56c7-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3979&min_rtt=982&rtt_var=2665&sent=80&recv=94&lost=0&retrans=0&sent_bytes=17160&recv_bytes=5918&delivery_rate=4526715&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=68799892b480b15e&ts=1545&inflight_dur=37&x=80"

139.45.197.106

204 No Content

0 B

URL OPTIONS
vaimucuvikuwu.net/wrr?z=9407004&p_rid=29b2d1af-bfa8-45cc-8447-7711298c35e2&rb=WI4F1EW5QBvUUv4OZDwVIbAqdyuQufrlsN4U8jguW48yRb0xZ29f4YAurETEN2x74Ug8zWWOY2oZiHNOMjRDVPzLlRkvXNGHZRQ1f7NoeC9DSh6ohDeqcAE_jqOTJcDjk0cIKsusDxzrKOs_8XaqnU4DocV05gSaEEjyTwj3UvGHjzuROMrrTFgS67IwoL6lLxB4g2DtIgcLPfytVRx5D4K2g5LNgodWzGpMOWykSVe7ch5ZjY88ze2hyoGqEj0VLcofi5Ty9oD5yCbhuURLsIWp1nrSj_CMAE6QHht7hMK3sTdmB6iPug==&dmn=&userId=0081e15845a4400be196798785c7a553
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectvaimucuvikuwu.net
Fingerprint15:95:D1:15:85:3D:65:BC:01:C6:97:22:A4:FB:38:F6:51:41:16:60
ValidityTue, 13 May 2025 05:39:41 GMT - Mon, 11 Aug 2025 05:39:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /wrr?z=9407004&p_rid=29b2d1af-bfa8-45cc-8447-7711298c35e2&rb=WI4F1EW5QBvUUv4OZDwVIbAqdyuQufrlsN4U8jguW48yRb0xZ29f4YAurETEN2x74Ug8zWWOY2oZiHNOMjRDVPzLlRkvXNGHZRQ1f7NoeC9DSh6ohDeqcAE_jqOTJcDjk0cIKsusDxzrKOs_8XaqnU4DocV05gSaEEjyTwj3UvGHjzuROMrrTFgS67IwoL6lLxB4g2DtIgcLPfytVRx5D4K2g5LNgodWzGpMOWykSVe7ch5ZjY88ze2hyoGqEj0VLcofi5Ty9oD5yCbhuURLsIWp1nrSj_CMAE6QHht7hMK3sTdmB6iPug==&dmn=&userId=0081e15845a4400be196798785c7a553 HTTP/1.1
Host: vaimucuvikuwu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 07 Jun 2025 16:55:23 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

waust.at/c.js

104.26.5.7

200 OK

12 kB

URL GET
waust.at/c.js
IP
104.26.5.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://allupplay.xyz/premiumtv/daddylive.php?id=55
Certificate
IssuerGoogle Trust Services
Subjectwaust.at
Fingerprint28:34:9D:B0:BC:21:BB:62:84:CA:E8:DB:72:58:B1:08:CA:F0:42:A2
ValidityWed, 23 Apr 2025 12:21:57 GMT - Tue, 22 Jul 2025 13:21:56 GMT

File type
JavaScript source, ASCII text, with very long lines (12117), with no line terminators
Size
12 kB (12117 bytes)
Hash
7f167017c3edca98e152e2ad7e547032
cbcbd0f11bd2f552cdd87cf1947fadc2b7371681
52784de24aa1b312200cd6262ccecb5983c443290f1fe8d01790199be351b02d

HTTP Headers

GET /c.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allupplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: application/x-javascript
cf-ray: 94c1ad4be8500b02-OSL
last-modified: Tue, 15 Apr 2025 23:21:24 GMT
etag: W/"67fee9f4-2f55"
expires: Sun, 08 Jun 2025 16:34:26 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1258
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ioDn1xdbS2vgE9mCbuPGOYh6WUZU5zto2Kdf%2FSExFvidTCG09kJgDilCGt6cq1dz7sFTuuwcp5YOtZGg3gaEQmo05ZRG9jn4KCQ8nhAgU44n4wxbO39FO9%2FX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=1241&min_rtt=480&rtt_var=1534&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3264&recv_bytes=1177&delivery_rate=6724458&cwnd=254&unsent_bytes=0&cid=36a7fa4cc7bdaec3&ts=73&x=0"
X-Firefox-Spdy: h2

recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
ValidityMon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85380 bytes)
Hash
108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Jun 2025 16:55:22 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 8b9af59879e8faab544b9ec37799c00d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

www.antiadblocksystems.com/ofetch-jsonp.min.css

95.173.205.15

200 OK

37 kB

URL GET
www.antiadblocksystems.com/ofetch-jsonp.min.css
IP
95.173.205.15:443
ASN
#60068 Datacamp Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subject1431218181.rsc.cdn77.org
Fingerprint4B:43:4E:B5:B5:BA:2E:82:19:24:8B:92:64:26:1A:32:35:74:80:1B
ValidityWed, 16 Apr 2025 04:51:43 GMT - Tue, 15 Jul 2025 04:51:42 GMT

File type
JavaScript source, ASCII text, with very long lines (1568)
Size
37 kB (37188 bytes)
Hash
d42a4cf03ea195dc0d82eebb42e324f3
0b5113c485d0c945347658d032bb8d75b720927c
446c4ca4e0b96eba7b2f060f6fe2c06e8043d9760fcd9caf1b550330188e99ff

HTTP Headers

GET /ofetch-jsonp.min.css HTTP/1.1
Host: www.antiadblocksystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:22 GMT
content-type: application/x-javascript
popads-node: wb4
expires: Tue, 10 Jun 2025 08:36:12 GMT
access-control-allow-origin: https://sportsloverss.online
link: <https://antiadblocksystems.com/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBX63NDQH3TDUBAAwBuUwKDAHXcoQEAAwBnJIhHwG3QAEAAA
x-77-nzt-ray: 2a494a15dbf3d8a71f6f4468da1d022b
x-77-cache: HIT
x-77-age: 79180
vary: Accept-Encoding, Origin
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: osloNO
X-Firefox-Spdy: h2

experttrafficcounter.com/stats

52.58.57.192

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.58.57.192:443
ASN
#16509 AMAZON-02

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a84401bc2d39b5af3d3da3f85f22d15d
ced66181b44142fd24e487f4cc10e24d4eee9437
4856848eb6bb408eca922134bcf46ed63d6d6837d77edc93e5e4f2db5484fa4a

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sportsloverss.online
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=3b2579d3-8349-402a-bf12-8951952eba03:2:1; expires=Tue, 05 Jun 2035 16:55:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

allupplay.xyz/premiumtv/daddylive.php?id=55

104.21.52.143

200 OK

0 B

URL HEAD
allupplay.xyz/premiumtv/daddylive.php?id=55
IP
104.21.52.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://allupplay.xyz/premiumtv/daddylive.php?id=55
Certificate
IssuerGoogle Trust Services
Subjectallupplay.xyz
Fingerprint00:AB:B0:47:51:B0:95:B9:9F:43:47:9F:5C:0D:F2:B8:99:EC:61:D3
ValidityWed, 16 Apr 2025 17:09:26 GMT - Tue, 15 Jul 2025 18:07:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /premiumtv/daddylive.php?id=55 HTTP/1.1
Host: allupplay.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allupplay.xyz/premiumtv/daddylive.php?id=55
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExGtZ4djTzWj3Ev7IkJoFF4OMG18f1m0lbkYmxi%2FCGHE4kh4F2e7aEQgklAHN%2BOkom4aYOYuCEdvqQriditMwzBh9BoPEhMqduCSbUuLfycdmSWzyUqY40XCbIrkGeuW"}],"group":"cf-nel","max_age":604800}
x-cache: BYPASS
videocdnx: NO
node: PHP
cache-control: public, max-age=30, immutable, no-transform
cf-cache-status: DYNAMIC
cf-ray: 94c1ad4bbc52b4ff-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3450&min_rtt=774&rtt_var=1678&sent=52&recv=58&lost=0&retrans=0&sent_bytes=5908&recv_bytes=3780&delivery_rate=563572&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=8a49994fca55c1d4&ts=500&inflight_dur=34&x=80"

bobapsoabauns.com/www/images/31f5bb5f43a7bd2800c6724e3a4125d2.png

104.21.73.203

200 OK

17 kB

URL GET
bobapsoabauns.com/www/images/31f5bb5f43a7bd2800c6724e3a4125d2.png
IP
104.21.73.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectbobapsoabauns.com
Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9
ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
17 kB (16893 bytes)
Hash
31f5bb5f43a7bd2800c6724e3a4125d2
bc1bcd6aa31ac91dd34359c2fbbcaefb3e15c875
e5dd86d52381d2bff5f1b74d3923443d3d95ced64048662307ed3ec2d52eb61b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /www/images/31f5bb5f43a7bd2800c6724e3a4125d2.png HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:28 GMT
content-type: image/png
content-length: 16893
server: cloudflare
last-modified: Mon, 17 Mar 2025 02:12:20 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "67d78504-41fd"
expires: Sun, 08 Jun 2025 03:23:29 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 48718
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4Hv3K1o%2FG0IZR1Ssf24dwXzKb08%2B%2B3h5fe7mP9lRBoJ2uSnKTvuhK4L7A31mbDsxpUT3pGndLk1Df97L%2FNHoVGiZ89ZHVWNZ2OPt6UgazQ%3D%3D"}]}
cf-ray: 94c1ad624e325688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sportsloverss.online/wp-content/themes/newspaperly/js/navigation.js?ver=20170823

104.21.80.1

200 OK

3.0 kB

URL GET
sportsloverss.online/wp-content/themes/newspaperly/js/navigation.js?ver=20170823
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
ASCII text
Size
3.0 kB (2967 bytes)
Hash
49493316c090bb3d7cca5bc09031037c
b77b6525d82691c3d4ca05948e846500ea0cb1d3
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

HTTP Headers

GET /wp-content/themes/newspaperly/js/navigation.js?ver=20170823 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/javascript
server: cloudflare
last-modified: Tue, 27 May 2025 08:29:56 GMT
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vTksmHmk2VfMEr5rVREFi9HaMhUTpN18BZ40CeVA%2BqNGHC9Mc5Whgk5XR%2BubtSvctPu0WxhOzc4Lxl6DYXER%2BYaFheFms8GBI9btKJoLeyM1PQ%3D%3D"}]}
age: 6358
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94c1ad39696256c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xk0qpywuw9gy.s4.adsco.re/

185.200.116.60

200 OK

0 B

URL POST
xk0qpywuw9gy.s4.adsco.re/
IP
185.200.116.60:443
ASN
#9009 M247 Europe SRL

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subject*.s4.adsco.re
Fingerprint1B:E8:4E:02:C6:2C:FB:13:48:08:17:BF:61:FB:19:19:3D:11:3E:57
ValidityMon, 19 May 2025 09:14:19 GMT - Sun, 17 Aug 2025 09:14:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: xk0qpywuw9gy.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:28 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.storageimagedisplay.com/cti/80/c6/99/80c6995878998246b6018519748dc7cd/1708270668.jpg

45.133.44.1

200 OK

79 kB

URL GET
cdn.storageimagedisplay.com/cti/80/c6/99/80c6995878998246b6018519748dc7cd/1708270668.jpg
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
Fingerprint7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
ValiditySun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 14:58:01], progressive, precision 8, 728x90, components 3
Size
79 kB (79356 bytes)
Hash
55ed59e5d7a388b1e733a86d7b654fa4
b3316451e0932734d60d343bb2c3939d5dd3d983
805f37a36d50e7437b87cc31eb8287395f62034b1ba796285c73fd669f74cc4e

HTTP Headers

GET /cti/80/c6/99/80c6995878998246b6018519748dc7cd/1708270668.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:28 GMT
content-type: image/jpeg
content-length: 79356
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:37:56 GMT
etag: "65d22454-135fc"
expires: Mon, 09 Jun 2025 16:55:28 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=3b2579d3-8349-402a-bf12-8951952eba03&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=241229b746680fef8f280280d57d155e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16

192.243.59.13

200 OK

0 B

URL GET
unseenreport.com/pxf.gif?uuid=3b2579d3-8349-402a-bf12-8951952eba03&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=241229b746680fef8f280280d57d155e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint70:62:DC:6C:0A:F4:AA:56:4E:74:DC:EF:DA:CC:60:5A:C4:34:CE:F2
ValiditySat, 17 May 2025 22:34:21 GMT - Fri, 15 Aug 2025 22:34:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=3b2579d3-8349-402a-bf12-8951952eba03&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=241229b746680fef8f280280d57d155e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:29 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 87580c4ce9dd4103b4510082c0f2abba
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

code.jquery.com/jquery-3.6.0.min.js

151.101.194.137

200 OK

90 kB

URL GET
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://allupplay.xyz/premiumtv/daddylive.php?id=55
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allupplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 07 Jun 2025 16:55:24 GMT
age: 3383606
x-served-by: cache-lga21931-LGA, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 1406890
x-timer: S1749315325.837973,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

xk0qpywuw9gy.l4.adsco.re/

185.200.118.62

200 OK

0 B

URL POST
xk0qpywuw9gy.l4.adsco.re/
IP
185.200.118.62:443
ASN
#9009 M247 Europe SRL

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subject*.l4.adsco.re
Fingerprint76:AD:98:EA:A8:8F:6F:6D:58:92:36:07:6D:91:B6:67:41:97:C1:4E
ValiditySat, 19 Apr 2025 09:14:33 GMT - Fri, 18 Jul 2025 09:14:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: xk0qpywuw9gy.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:27 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

adsco.re/p

162.252.214.5

200 OK

1.2 kB

URL POST
adsco.re/p
IP
162.252.214.5:443
ASN
#53334 TUT-AS

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1212), with no line terminators
Size
1.2 kB (1212 bytes)
Hash
4ca89b5fcdae5925e60b13ba61a13292
ccb40577f463e0de5cb83a6e916ffb6ac3623620
fd3a4577fdeebe0ae76cbf0f8a26e13d0172426782bd88f673735d487396058c

HTTP Headers

POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1812
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 07 Jun 2025 16:55:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK nyc123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://sportsloverss.online
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

wearychallengeraise.com/watch.1408098155644.js?dev=e&key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&pst=1749315385&rb=&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&res=14.3095&rmtc=t&shu=801348678f619bd744854b9562966b39aa37ee088e498185cff7fe74b5b3d15b239b0dc0eb35e6369e297086f386911e09251336f27f8a9f4d29e1c43abb1cfaeca13aa380a74fd43c9ef3cc873936c2a731834e646bb1e7f76e20&tz=0&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1

192.243.59.13

200 OK

5.0 kB

URL GET
wearychallengeraise.com/watch.1408098155644.js?dev=e&key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&pst=1749315385&rb=&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&res=14.3095&rmtc=t&shu=801348678f619bd744854b9562966b39aa37ee088e498185cff7fe74b5b3d15b239b0dc0eb35e6369e297086f386911e09251336f27f8a9f4d29e1c43abb1cfaeca13aa380a74fd43c9ef3cc873936c2a731834e646bb1e7f76e20&tz=0&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectwearychallengeraise.com
Fingerprint59:0D:D9:8E:52:01:C0:D1:1E:83:C9:8F:D9:E2:AA:FF:AF:B7:B8:51
ValiditySun, 20 Apr 2025 03:17:43 GMT - Sat, 19 Jul 2025 03:17:42 GMT

File type
JavaScript source, ASCII text, with very long lines (4106)
Size
5.0 kB (4982 bytes)
Hash
90793191fed2d622b30cab2973f5afc7
cfe85981a1dacc0b5331dbe97456984ac48b764a
cce493d54e6636a8ee1c4e25bce9e508cd6ff311fa00a7505ffd8f3833b225fe

HTTP Headers

GET /watch.1408098155644.js?dev=e&key=f591db634d24e75b9d8ac135133ca656&kw=%5B%22callum%22%2C%22simpson%22%2C%22vs%22%2C%22ivan%22%2C%22zucco%22%2C%22%E2%80%93%22%2C%22sportsloverss%22%5D&pst=1749315385&rb=&refer=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&res=14.3095&rmtc=t&shu=801348678f619bd744854b9562966b39aa37ee088e498185cff7fe74b5b3d15b239b0dc0eb35e6369e297086f386911e09251336f27f8a9f4d29e1c43abb1cfaeca13aa380a74fd43c9ef3cc873936c2a731834e646bb1e7f76e20&tz=0&uuid=3b2579d3-8349-402a-bf12-8951952eba03%3A2%3A1 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
Referer: https://sportsloverss.online/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNjcxNjAzOCwiayI6ImY1OTFkYjYzNGQyNGU3NWI5ZDhhYzEzNTEzM2NhNjU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0OTc5ODE0LCJwaWQiOjI3MzI3NzYsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6MjMsInB0Ijo0LCJwayI6InFlejZ0ZWE5YnkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3BvcnRzbG92ZXJzcy5vbmxpbmUvP3A9NzQ5IiwiYXIiOltdfX0.zY-y2LBrPmXd5JXmCMSKqbOJ7NFSA0i-2TTXroepZMY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sportsloverss.online
Access-Control-Allow-Origin: https://sportsloverss.online
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3b2579d3-8349-402a-bf12-8951952eba03:2:1; expires=Sat, 14 Jun 2025 16:55:26 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 08 Jun 2025 16:55:26 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 08 Jun 2025 16:55:26 GMT; path=/; secure; SameSite=None
pdhtkv23=true; expires=Sun, 08 Jun 2025 16:55:26 GMT; path=/; secure; SameSite=None
uncs23=1; expires=Sun, 08 Jun 2025 16:55:26 GMT; path=/; secure; SameSite=None
u_pl26716038=1; expires=Sun, 08 Jun 2025 16:55:26 GMT; path=/; secure; SameSite=None
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 835f6b6e59db619d567a2dd39bdca62b
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

wearychallengeraise.com/pixel/pure

192.243.59.13

200 OK

0 B

URL POST
wearychallengeraise.com/pixel/pure
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectwearychallengeraise.com
Fingerprint59:0D:D9:8E:52:01:C0:D1:1E:83:C9:8F:D9:E2:AA:FF:AF:B7:B8:51
ValiditySun, 20 Apr 2025 03:17:43 GMT - Sat, 19 Jul 2025 03:17:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /pixel/pure HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:26 GMT
Content-Length: 0
Connection: keep-alive
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

invadedisheartentrail.com/sbar.json?key=241229b746680fef8f280280d57d155e

192.243.59.13

200 OK

6.0 kB

URL GET
invadedisheartentrail.com/sbar.json?key=241229b746680fef8f280280d57d155e
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type
JSON text data
Size
6.0 kB (5993 bytes)
Hash
7b5f02424bfc928e752d9b3d367bff3a
d8a594bded09a486b662d695a6b5454153eaf905
6cb5759db77bc76340fb84199937b751dd8de99e776d86eb4c953e71a5b66b81

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=241229b746680fef8f280280d57d155e HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:24 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sportsloverss.online
Access-Control-Allow-Origin: https://sportsloverss.online
Access-Control-Allow-Credentials: true
Set-Cookie: pdhtkv=true; expires=Sun, 08 Jun 2025 16:55:24 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 08 Jun 2025 16:55:24 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Sun, 08 Jun 2025 16:55:24 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Sun, 08 Jun 2025 16:55:24 GMT; path=/; secure; SameSite=None
u_pl26716036=1; expires=Sun, 08 Jun 2025 16:55:24 GMT; path=/; secure; SameSite=None
slec241229b746680fef8f280280d57d155e=[3078207]; expires=Sat, 07 Jun 2025 16:55:29 GMT; path=/; secure; SameSite=None
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c8894bf92c0d93c63abcf2a410c27656
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

vaimucuvikuwu.net/88/150427

139.45.197.106

200 OK

4.1 kB

URL GET
vaimucuvikuwu.net/88/150427
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectvaimucuvikuwu.net
Fingerprint15:95:D1:15:85:3D:65:BC:01:C6:97:22:A4:FB:38:F6:51:41:16:60
ValidityTue, 13 May 2025 05:39:41 GMT - Mon, 11 Aug 2025 05:39:40 GMT

File type
JSON text data
Size
4.1 kB (4112 bytes)
Hash
0eec2ad0d8e6f49189170195f6001718
6cda08fc29015bb03323fc1b1234f859e2464012
af1ffb99417683d9eafbd9e3a81cb8ab401bb73a32094ec1b1daedf88d6ab0f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /88/150427 HTTP/1.1
Host: vaimucuvikuwu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportsloverss.online/
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:22 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

capaciousdrewreligion.com/advertisers.js

185.196.197.72

200 OK

0 B

URL GET
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint4C:9A:D1:39:AD:B4:C8:D5:6E:A1:5A:54:6F:88:D5:0F:D1:C6:5A:06
ValidityFri, 02 May 2025 21:09:09 GMT - Thu, 31 Jul 2025 21:09:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Jun 2025 16:55:23 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 17151cdf415e09970858697857811b8b
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

allupplay.xyz/premiumtv/daddylive.php?id=55

104.21.52.143

200 OK

45 kB

URL GET
allupplay.xyz/premiumtv/daddylive.php?id=55
IP
104.21.52.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerGoogle Trust Services
Subjectallupplay.xyz
Fingerprint00:AB:B0:47:51:B0:95:B9:9F:43:47:9F:5C:0D:F2:B8:99:EC:61:D3
ValidityWed, 16 Apr 2025 17:09:26 GMT - Tue, 15 Jul 2025 18:07:00 GMT

File type
JavaScript source, ASCII text, with very long lines (28181), with CRLF line terminators
Size
45 kB (45214 bytes)
Hash
638c079135158c02ed93525e894c5ca2
87b3c2c35a5569d7552a41eab1e26ecf1ce15c2a
270d5426b60ae9047a35d18ee13584d07e0df8ba4d1aa50b8ace949d30f85c1b

HTTP Headers

GET /premiumtv/daddylive.php?id=55 HTTP/1.1
Host: allupplay.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-cache: BYPASS
videocdnx: NO
node: PHP
cache-control: public, max-age=30, immutable, no-transform
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=PNxxY32%2Fjp2ZziZL2LNWjlrHTI%2Ffss4%2BTRwtBXiKxCgxQlwBdveJt1ln6DjC4rOYx4cp%2FSQUqpyeM89jpouWndRZB7wOthWq0AyB"}]}
cf-ray: 94c1ad482ce51c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

6.adsco.re/

104.17.167.186

200 OK

45 B

URL GET
6.adsco.re/
IP
104.17.167.186:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:27 GMT
content-type: text/plain;charset=UTF-8
content-length: 45
access-control-allow-origin: https://sportsloverss.online
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 94c1ad5a589b7130-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

6.adsco.re:2087/

104.17.167.186

200 OK

45 B

URL GET
6.adsco.re:2087/
IP
104.17.167.186:2087
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:27 GMT
content-type: text/plain;charset=UTF-8
content-length: 45
access-control-allow-origin: https://sportsloverss.online
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 94c1ad5a789c568e-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2

sportsloverss.online/wp-content/themes/newspaperly/css/font-awesome.min.css?ver=6.8.1

104.21.80.1

200 OK

31 kB

URL GET
sportsloverss.online/wp-content/themes/newspaperly/css/font-awesome.min.css?ver=6.8.1
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /wp-content/themes/newspaperly/css/font-awesome.min.css?ver=6.8.1 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/css
server: cloudflare
last-modified: Tue, 27 May 2025 08:29:56 GMT
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WIKGmJe7VbEZsRG34qAGsBvqhkL%2B%2FtHYntjMO3Igm8eEfa1C34vn1UHBI3ovFu96pUZy01Mnu8WzqpuDicOk5BIIFETc0H5PKBbslsa2G2OEFg%3D%3D"}]}
age: 6358
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94c1ad39595856c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sportsloverss.online/wp-content/themes/newspaperly/style.css?ver=6.8.1

104.21.80.1

200 OK

49 kB

URL GET
sportsloverss.online/wp-content/themes/newspaperly/style.css?ver=6.8.1
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
ASCII text, with very long lines (1694)
Size
49 kB (49429 bytes)
Hash
996f1baec316d292be6fd3e770ed5d05
f10387f3566c49e52c3b5658d72bbed09cfb322f
1cdeec3c09765614cb41103a6a816966d5fb67d80e13c1ee36ae83fb08e3d3d6

HTTP Headers

GET /wp-content/themes/newspaperly/style.css?ver=6.8.1 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/css
server: cloudflare
last-modified: Tue, 27 May 2025 08:29:56 GMT
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=OD6CmDe3dCPjkOL8ptcFoq%2Bx%2F6%2FhaYrOiZELqBjoZfWgN7GMmpFFY0mWfCF8jrPREllixeNWXFMT0dfohgb%2F5zLR6oSUTUwKlQTkPmvQSoPWKQ%3D%3D"}]}
age: 6358
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 94c1ad39695956c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.35

200 OK

24 kB

URL GET
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:09:47 GMT
expires: Fri, 05 Jun 2026 13:09:47 GMT
cache-control: public, max-age=31536000
age: 186335
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

roagrofoogrobo.com/400/9407005

139.45.197.107

200 OK

157 kB

URL GET
roagrofoogrobo.com/400/9407005
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectroagrofoogrobo.com
FingerprintC7:CB:1C:71:86:21:01:54:9C:53:21:D6:A5:5E:65:12:E9:E8:E6:6B
ValidityTue, 13 May 2025 05:45:01 GMT - Mon, 11 Aug 2025 05:45:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
157 kB (156666 bytes)
Hash
8fba336cf3abed57ff065374c54fc834
a23973a2841731c78d283fd0162fe2cdafb3a35e
0d105a031cf6bd48ee803f49f6db5bf938943fa3bc4796fae93f8ad22485c2ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /400/9407005 HTTP/1.1
Host: roagrofoogrobo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: application/javascript
x-trace-id: cb691f8048bb782e2bf19165682e16d7
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301e14b8a36486de2dc192c75b74a56; expires=Sun, 07 Jun 2026 16:55:24 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

grookilteepsou.net/event

139.45.197.122

200 OK

81 B

URL POST
grookilteepsou.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectgrookilteepsou.net
Fingerprint88:32:02:85:20:BA:DC:ED:9E:9D:73:5A:A2:BA:00:56:79:A1:7D:44
ValiditySat, 29 Mar 2025 05:35:06 GMT - Fri, 27 Jun 2025 05:35:05 GMT

File type
JSON text data
Size
81 B (81 bytes)
Hash
ca53211ef1ebbb2754fa98f5ae20bb5c
fe5136e13b6a419cf428a8957a68b123dbb30339
ffe350b8073ebb56cf8ec765a4d89795b17b7401c2fce9c5bf14177fc0e79367

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: grookilteepsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sportsloverss.online/
Content-Type: application/json
Content-Length: 399
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:26 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://sportsloverss.online
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.10

200 OK

17 kB

URL GET
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text, with very long lines (1572)
Size
17 kB (16755 bytes)
Hash
e9d2e14beb088f37fae98294940a9dcd
1dafc3c55550249c8c2d782d5616c7b445c8e005
f2e491cc46d3fcba81f729065d622bd722751d4a2e7f80b479aa64a92c17b5c7

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 07 Jun 2025 16:55:28 GMT
date: Sat, 07 Jun 2025 16:55:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sportsloverss.online/?p=749

104.21.80.1

200 OK

36 kB

URL User Request GET
sportsloverss.online/?p=749
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
HTML document, ASCII text, with very long lines (8856)
Size
36 kB (35982 bytes)
Hash
4d383b7576523360a58437e365ea18f4
dcdc959534bb218240fa10c9e6f70acb2d4a7265
ee7d4c5200b3a847c0e4076609ccf438d9a64c26af554cadd80bf1550b808325

HTTP Headers

GET /?p=749 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
x-pingback: https://sportsloverss.online/xmlrpc.php
link: <https://sportsloverss.online/index.php?rest_route=/>; rel="https://api.w.org/", <https://sportsloverss.online/index.php?rest_route=/wp/v2/posts/749>; rel="alternate"; title="JSON"; type="application/json", <https://sportsloverss.online/?p=749>; rel=shortlink
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ULGTOWYXEsm7Wocw7S7c6yJgCaqjyofPfyk5Xu1Uk%2Bv5n3k0%2Fr2HPoYy6JXHjFYk%2BJEmLf8Ym7DYz7aBI3sMDLfUFTHy4RyvowXvMi8VEIy4iw%3D%3D"}]}
content-encoding: br
cf-ray: 94c1ad347aa756c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

glempirteechacm.com/401/9407007

139.45.197.106

200 OK

162 kB

URL GET
glempirteechacm.com/401/9407007
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectglempirteechacm.com
Fingerprint51:89:C2:30:06:BF:A8:71:E7:A4:F8:CD:8F:A9:31:DE:A9:CC:63:67
ValidityTue, 13 May 2025 05:47:53 GMT - Mon, 11 Aug 2025 05:47:52 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
162 kB (162166 bytes)
Hash
85041ad46f70d4aa5548eecdd9e84946
d01db08ebaee0b769cdc08827d8eb521820ee616
fd241c94cddf4e19423ff8092d7d45616cec7fe497a72df440c743d047f720f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/9407007 HTTP/1.1
Host: glempirteechacm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:24 GMT
content-type: application/javascript
x-trace-id: 22e97535bd23bc71d3ae0f98f032b145
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301e1187b5e4b7fecd4f202d30fe9f8; expires=Sun, 07 Jun 2026 16:55:24 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

192.243.59.13

200 OK

0 B

URL GET
invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=159
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=159 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26716036=1; slec241229b746680fef8f280280d57d155e=[3078207]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Jun 2025 16:55:27 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

kzt2afc1rp52.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js

192.243.61.225

200 OK

104 kB

URL GET
kzt2afc1rp52.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://sportstreamslife.shop/player/stream-55.php
Certificate
IssuerLet's Encrypt
Subjectkzt2afc1rp52.com
FingerprintED:1D:8A:9E:BF:27:6A:6B:E7:8E:0F:07:C7:1B:5F:3A:B9:4B:66:9B
ValidityThu, 05 Jun 2025 21:24:56 GMT - Wed, 03 Sep 2025 21:24:55 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
104 kB (104484 bytes)
Hash
ab9442a65a6a6f4567108c1a0de1fff6
b979b1951dfccc41360c1210771a236dfae99031
f10949fd96e2b4c7ba82f45086408364a36b9602e23a2ffc2646d399673c22b2

HTTP Headers

GET /dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js HTTP/1.1
Host: kzt2afc1rp52.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportstreamslife.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Jun 2025 16:55:23 GMT
Content-Type: application/javascript
Content-Length: 32782
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: kzt2afc1rp52.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0e654cea47a2661411a78a162d99c5ec
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.jsdelivr.net/npm/disable-devtool@latest/disable-devtool.min.js

151.101.1.229

200 OK

17 kB

URL GET
cdn.jsdelivr.net/npm/disable-devtool@latest/disable-devtool.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://allupplay.xyz/premiumtv/daddylive.php?id=55
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (17245)
Size
17 kB (17266 bytes)
Hash
226c2fa3f39c0bb35bb5f1d9d120f9ec
7134ea62cdb655c2a423b1662365c99ba645c2bd
8a23f92a25922d13437d67f25ba2269b64080b5ec030f5cba982e0261abbfe04

HTTP Headers

GET /npm/disable-devtool@latest/disable-devtool.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://allupplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.8
x-jsd-version-type: version
etag: W/"4372-cTTqYs22VcKkI7FmI2XJm6ZFwr0"
content-encoding: br
accept-ranges: bytes
date: Sat, 07 Jun 2025 16:55:24 GMT
age: 36245
x-served-by: cache-fra-etou8220123-FRA, cache-hel1410021-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6161
X-Firefox-Spdy: h2

139.45.197.106

200 OK

1.5 kB

URL GET
glempirteechacm.com/500/9407007?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=glempirteechacm.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerLet's Encrypt
Subjectglempirteechacm.com
Fingerprint51:89:C2:30:06:BF:A8:71:E7:A4:F8:CD:8F:A9:31:DE:A9:CC:63:67
ValidityTue, 13 May 2025 05:47:53 GMT - Mon, 11 Aug 2025 05:47:52 GMT

File type
JSON text data
Size
1.5 kB (1514 bytes)
Hash
edfa9b489faba191788824565cd49e1f
e6674b46687b1a636147f4581f3d09b5941a6c0e
dfdf8c7ccbe28fe4cdcc12bb604445c601c1d8f0faefe0e1f1f927e4b58eac83

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/9407007?excludes=&oaid=0081e15845a4400be196798785c7a553&var=&ymid=&tgp=&js_build=8&sw_version=v1.644.0&dmn=glempirteechacm.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=7&pl=https%3A%2F%2Fsportsloverss.online%2F%3Fp%3D749&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: glempirteechacm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Cookie: OAID=0301e1187b5e4b7fecd4f202d30fe9f8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 07 Jun 2025 16:55:27 GMT
content-type: application/javascript
x-trace-id: f4b5ae3d21fa7e2b13afe394c3f488eb
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://sportsloverss.online
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0081e15845a4400be196798785c7a553; expires=Sun, 07 Jun 2026 16:55:27 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06d21dcb-72bb-4ce2-9a1e-045151fd9a6b

139.45.195.252

200 OK

12 B

URL POST
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06d21dcb-72bb-4ce2-9a1e-045151fd9a6b
IP
139.45.195.252:443
ASN
#9002 RETN Limited

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0
ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06d21dcb-72bb-4ce2-9a1e-045151fd9a6b HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2119
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Sat, 07 Jun 2025 16:55:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://sportsloverss.online
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sportsloverss.online
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jun 2025 00:24:14 GMT
expires: Sat, 06 Jun 2026 00:24:14 GMT
cache-control: public, max-age=31536000
age: 145875
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sportsloverss.online/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1

104.21.80.1

200 OK

116 kB

URL GET
sportsloverss.online/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sportsloverss.online/?p=749
Certificate
IssuerGoogle Trust Services
Subjectsportsloverss.online
Fingerprint54:36:5E:9A:38:33:C5:8D:04:01:C3:97:B5:C8:EC:CD:37:4D:80:1C
ValidityTue, 27 May 2025 07:14:03 GMT - Mon, 25 Aug 2025 08:10:10 GMT

File type
ASCII text, with very long lines (55654)
Size
116 kB (116363 bytes)
Hash
dfe67cbbac3da53fdbbaed71c91db428
8c82643ef63a8389c1b800b7c5d0af9d684b8b24
597ddfdee7171750c16ec5aafd392cf992e9c53386d6bb6061d48e30334f09e9

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.8.1 HTTP/1.1
Host: sportsloverss.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sportsloverss.online/?p=749
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Jun 2025 16:55:21 GMT
content-type: text/css
content-encoding: br
last-modified: Tue, 25 Mar 2025 12:48:38 GMT
age: 6358
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s7UV%2Fj2XUasNbjotZEiSuyW1NCDegrDYfhQW96C36QuXDQAod%2F%2BxniFOEVPsMcgaOpe1mAEDNVzqhbpUTjl%2BsDB9e9CoYNckQihRA6m9la%2BMao7BlIkV%2FrYenpYTf6CIIDrkLs3KPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94c1ad39595656c7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=718&min_rtt=411&rtt_var=159&sent=97&recv=55&lost=0&retrans=0&sent_bytes=88275&recv_bytes=2399&delivery_rate=40368484&cwnd=257&unsent_bytes=0&cid=45b2eab71c5c5116&ts=830&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (59)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML