{"report_id":"c51458ea-7924-4455-b77b-5cf9391d30f2","version":6,"status":"done","tags":[],"date":"2025-12-28T20:21:25Z","url":{"schema":"http","addr":"easybugz.site/soccer5/player/36.php","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"ip":{"addr":"193.108.130.21","port":0,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"easybugz.site/soccer5/player/36.php","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"title":"easybugz.site/soccer5/player/36.php","dom":{"size":8879,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (4150)","md5":"bb4cdb093f91d40b8573107eedf3496c","sha1":"bc49fcf25cc8e04218b73bec2862249d1f83b853","sha256":"6681c18571157d5e87300442c14bd05391129b9ec0117f873efb11bfd1e92a14","sha512":"939b6177ac4d1b0410a2ac9918bd0aef9f00a17cfa9c0bb9cdbf6a9bcf0d8421ce303ae7e073539bf92a195d80d03367957f0b604af7691610ff21f0d5b1a1ea","ssdeep":"192:lvlhKteTJQpPCRknlAyYVaSiizLlhKteTJQpPCRknlAyYVaSivcCkCaO:lv+t+bSnlYrlzL+t+bSnlYr12","tlshash":"48024bb89ec49564287170ea14b3e5646c61525f2d45f9c1f09cf64e6ba0bf30f2aa0c","dom_hash":"domhashdc54fbe1ae197f2d0347c91caad45e38","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"easybugz.site/soccer5/player/36.php","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"ip":{"addr":"193.108.130.21","port":0,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-01T20:21:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":28}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"easybugz.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"waust.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"waust.at","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"pl27780335.effectivegatecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"pl27780335.effectivegatecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"pl27780335.effectivegatecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"pl27780335.effectivegatecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.highperformanceformat.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-10-15","domain_rank":366864,"first_seen":"2024-10-23T18:32:34.138968Z","last_seen":"2025-12-23T11:36:58.922996Z","alert_count":8,"request_count":2,"received_data":94284,"sent_data":916,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"t.dtscout.com","ip":{"addr":"104.26.11.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2013-11-01","domain_rank":54823,"first_seen":"2017-01-30T04:52:42Z","last_seen":"2025-12-23T07:32:39.03417Z","alert_count":0,"request_count":2,"received_data":3663,"sent_data":1001,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-12-21T22:26:30.244656Z","alert_count":0,"request_count":3,"received_data":849143,"sent_data":1343,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"realizationnewestfangs.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-10-02T06:26:57.543488Z","last_seen":"2025-12-23T10:38:09.382032Z","alert_count":12,"request_count":4,"received_data":21567,"sent_data":5880,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"p.mrktmtrcs.net","ip":{"addr":"104.26.14.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-04","domain_rank":63178,"first_seen":"2025-05-16T05:58:44.985071Z","last_seen":"2025-12-22T18:30:26.155587Z","alert_count":0,"request_count":1,"received_data":40594,"sent_data":407,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"maxcdn.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":6807,"first_seen":"2014-06-18T00:37:31Z","last_seen":"2025-12-22T00:25:56.931995Z","alert_count":0,"request_count":1,"received_data":38003,"sent_data":447,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-12-24T19:08:33.595887Z","alert_count":3,"request_count":1,"received_data":85956,"sent_data":414,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"easybugz.site","ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"domain_registered":"2025-11-08","domain_rank":0,"first_seen":"2025-11-09T15:29:30.977879Z","last_seen":"2025-11-09T15:29:30.977879Z","alert_count":4,"request_count":4,"received_data":4187,"sent_data":1912,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.3.23","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"deepcathink.com","ip":{"addr":"104.21.12.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-02-22","domain_rank":4406683,"first_seen":"2025-09-06T05:27:33.307422Z","last_seen":"2025-12-21T15:42:30.643586Z","alert_count":0,"request_count":6,"received_data":704655,"sent_data":2848,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"BootstrapCDN:3.3.7","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"Bootstrap:3.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:8.1.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"jQuery:3.2.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-12-21T22:36:12.072016Z","alert_count":0,"request_count":1,"received_data":87582,"sent_data":444,"comment":"","tags":null,"fingerprints":null},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-12-24T19:21:20.505106Z","alert_count":3,"request_count":1,"received_data":377,"sent_data":419,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pl27780335.effectivegatecpm.com","ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-10-07","domain_rank":0,"first_seen":"2025-11-22T12:38:55.058704Z","last_seen":"2025-11-22T12:38:55.058704Z","alert_count":4,"request_count":1,"received_data":107721,"sent_data":465,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"sourshaped.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-10-06T14:35:38.581947Z","last_seen":"2025-12-27T07:29:55.684504Z","alert_count":12,"request_count":4,"received_data":21180,"sent_data":5836,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-12-21T22:27:34.829071Z","alert_count":0,"request_count":3,"received_data":388210,"sent_data":1275,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"protrafficinspector.com","ip":{"addr":"63.182.60.117","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2025-06-18","domain_rank":614186,"first_seen":"2025-07-25T22:45:21.95813Z","last_seen":"2025-12-23T21:54:17.105331Z","alert_count":0,"request_count":3,"received_data":1145,"sent_data":1390,"comment":"","tags":null,"fingerprints":null},{"fqdn":"techydeals.store","ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"domain_registered":"2025-07-07","domain_rank":0,"first_seen":"2025-08-20T01:57:18.371688Z","last_seen":"2025-11-22T12:38:55.635041Z","alert_count":0,"request_count":2,"received_data":1586,"sent_data":956,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.3.23","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-12-23T14:58:42.338766Z","alert_count":5,"request_count":1,"received_data":520,"sent_data":501,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"waust.at","ip":{"addr":"104.26.5.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":36042,"first_seen":"2016-01-28T18:24:33Z","last_seen":"2025-12-23T12:37:25.374207Z","alert_count":2,"request_count":1,"received_data":8017,"sent_data":399,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-12-22T08:34:53.146151Z","alert_count":0,"request_count":2,"received_data":107709,"sent_data":924,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","fqdn":"deepcathink.com","domain":"deepcathink.com","tld":"com"},"ip":{"addr":"104.21.12.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"394cb18c6d237357d97ed54760b53961","sha1":"cd5cb994fcec5cc21dfba23968799885dcb1d136","sha256":"efe7b20e748c56c27e7f064b335209c7188115086215d6fa62aabe3fc3e5d1f6","sha512":"178bb3e196b941f3ed298e6dd375f481df8a2125f5ff3b3e59b82f9747a23703e0f992a7c27bb51ec6e3107b39c62d2d5504f5dbc4048024c30ef107089265ec","ssdeep":"","tlshash":"dac08c4288802d893970a2064f1f270db8df04e3228ace12240cfa092e2881bc0ec0c4","size":161,"data":"","first_seen":"2025-04-07T22:50:51.627593Z","last_seen":"2026-05-17T17:43:43.812517Z","times_seen":132,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"techydeals.store/text.js","fqdn":"techydeals.store","domain":"techydeals.store","tld":"store"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"af92809653b7ef69accc97384e14c33f","sha1":"67fb520fae6ae7858feb684f9d7316924b05d8b3","sha256":"453b1d8d659235e3885468044d5f264dfd67d631f6a3e5d5d1f8f763746de8a0","sha512":"ec08fc9c33882f1a49b6b4463b8586b01a870a27ba6e6c7f66437c15e7ad2637be9bc400e2b006baad60831148a8b513f6dc3a9397423670d83c845d5c65824b","ssdeep":"","tlshash":"cfd02b29cdf7e021055a1457a2bec26871a150b62614e40b68fccf5c5f60fe94c1de9d","size":288,"data":"","first_seen":"2025-11-22T12:39:02.038672Z","last_seen":"2026-01-03T15:16:24.170839Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"16aec1aba5a67a3bdd494aa2c3d11f6a","sha1":"db530d505d9325933848d75027aa5baf2fa886e9","sha256":"00ce51b7f4ab9e1226a10ac148eb6a3b4fda7ee56157a86c166215cae182860c","sha512":"20fd06ae80434d5422fd748d0cb4fb57b8004b596093dfb828fd96ec49cbf8e2cc9adf6d5b1173ad241ab57262dba14084b9221613fed28e84c08b54b5a0a4cc","ssdeep":"","tlshash":"3bc08cbd3b2184206a203e0fea8803cd9cc2e7bef5a0aa051006808660d20338080080","size":145,"data":"","first_seen":"2025-11-09T15:29:37.068997Z","last_seen":"2025-12-31T20:44:29.709498Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybugz.site/bannerads.js","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1972efb18561923059d7ffb8004acb91","sha1":"df08da8c77e7e073984dce18c629e6ac9f8b1399","sha256":"7d76bdc49f89b41ee4d890cf53f0caf4d29d0b6e343dc4da8dad73c8a5a7a77c","sha512":"c36546e51bcf9a322201b837d719251e79f5a470169200282cc1d93c4d5c64675d15eaec4e593ee5fa980b00c13f5b0bc98b294c3ce389383598d98360596e8b","ssdeep":"","tlshash":"c101996d5983f89090610cbfc05d41882a70a22be940ace13a7f96598fddd6d18a2e38","size":695,"data":"","first_seen":"2025-11-09T15:29:37.014977Z","last_seen":"2026-01-03T15:16:23.295833Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"bf90314abcefb6c0407f3a2d16e8fc38","sha1":"77ab9c2988fa934b4e84b66896f93b3c1937bf86","sha256":"d941a7559f443644309da6c91eb82153bc06c7c649e32a1b0939b2d7badddcd2","sha512":"2d86198162ffd929e6372ca2fd1c766910bda91f9c970a026163e6dd9e154c53443f79483285804fd19d17dd7e39a53dc642023e1bb0d073cdd95b5f066c08ce","ssdeep":"96:cfozaldtDFBaTN7JdfCfCYm5H4+Ftk/RLqob2A/g+B31jD8CfMEDaH:cAziFEZ7JoMYStkpLqoyefFv8CkCaH","tlshash":"2b914cbbaea0d1681d2761bf941efa5c3e21e00f6e04dc407aceed052f551b09d289cc","size":4555,"data":"","first_seen":"2025-12-28T20:21:30.791374Z","last_seen":"2025-12-28T20:21:30.791374Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybugz.site/soccer5/player/36.php","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"36b8f331aa54d7375970babb7a52ff11","sha1":"1e6e72261b79b30ac864126ee60a4cdb6b472ec3","sha256":"aeca5ef2154969db89ddafe14e70080da0c7dd9fdda8c15cb70e3be6c5a8a52b","sha512":"34f63377f0efe6b14aa61c1f2ec99dc59d191dbbb5ab21ce3d933a4c0a06f4be492beb5dae18b4e3e923c785f12cec9177633ab9274efd169faa0f63c3b59625","ssdeep":"","tlshash":"925000c3000000003000c00cc00000c000000000000003000c0000f300300300300030","size":10,"data":"","first_seen":"2025-11-09T15:29:37.061402Z","last_seen":"2026-04-12T15:30:10.918111Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"327846f76a273e71ac673e5c8239535b","sha1":"904878ec8673c9d8202a71a6905afabe36c2ae62","sha256":"29ca66732e271d2001aa31548e34fee8ab29151105446de7dca923cc0daad2bf","sha512":"6832e1d20e146fa4acaf4f96b9b0d43d2c1812a5d5bda98996c2eff1a04b2d6b8be2473788588885d548abb74bc66c130442781f6a724b5c96c75cef72157600","ssdeep":"","tlshash":"7b31e7a7ba2417870d7eeaf3240d7bf939a8f8879e48988011831d0526390fa1354908","size":1784,"data":"","first_seen":"2025-12-28T20:21:30.792991Z","last_seen":"2025-12-28T20:21:30.792991Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"techydeals.store/iframe/36.php","fqdn":"techydeals.store","domain":"techydeals.store","tld":"store"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0aa6a7d33c5f7704c191285fbbf31adf","sha1":"08f5de623ae2296b266a04875390b72715dda46f","sha256":"b0d40e04414028974dfec34eaf7bd86315716c9c84257fa4a5c6f72c2fbd8241","sha512":"dc360ce20b557a55c00a7cec2efb7fad0b32ec3d48cafca7b705a4568fb5b683fe1bc1ccee09cf20f23614412cecb2bd776c17f86dd7929da5c822a44bd79f7d","ssdeep":"","tlshash":"389002e052146115c820174153d125647257f53056c610098340b86b110d4b6183006c","size":53,"data":"","first_seen":"2025-12-28T20:21:30.793745Z","last_seen":"2025-12-28T20:21:30.793745Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t.dtscout.com/i/?l=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026j=\u0026wk=evzhqy75bn","fqdn":"t.dtscout.com","domain":"dtscout.com","tld":"com"},"ip":{"addr":"104.26.11.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8450c234da2df92a0c33a47c5aabf6e6","sha1":"0ea50308805f927f1e9ce37a96d44f27e01cdf8e","sha256":"c67ad82f6fe5a742115d0d041e403c18df8da6486fa0dd5fc785d4bb58458ac9","sha512":"1ea70b0b047651af5f5496bdbfac4574dad62bef73132ad667c194c375382c36ea62c24f37a4c2882d6e644846f5b866720a8b33cad3e4e650fa6b9fa0331de8","ssdeep":"","tlshash":"1f41880bb5e5347803e2006965ff635fb5330928bc5784c08596dc04fd749fad1b6eaa","size":2292,"data":"","first_seen":"2025-11-28T22:59:20.195769Z","last_seen":"2026-05-22T17:07:03.447412Z","times_seen":3159,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybugz.site/soccer5/player/36.php","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aeecaf9f606984dded2519a3d40e18e8","sha1":"f133b4683b51b6a67eea5f34f9a1ce118678d9ef","sha256":"cf08711d055c5f376ab8aa7b1e7aa4ca5a798e10b8023aa2b9afec7133028fae","sha512":"dac8b128d990c92940ed3d0ea4db3a20b8066738ba06da48260b99814c914ef82c02cdd68d2f07fcc63ed8d2d2cb7804444888be2bd5d808cac2b6bc90e61688","ssdeep":"","tlshash":"b5500000c000030000300ccc00000fc030000000cc0000000300000003000000000c00","size":10,"data":"","first_seen":"2025-11-09T15:29:37.083227Z","last_seen":"2026-04-12T15:30:10.931461Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p.mrktmtrcs.net/mm.js","fqdn":"p.mrktmtrcs.net","domain":"mrktmtrcs.net","tld":"net"},"ip":{"addr":"104.26.14.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"67cda29c6b95cb5eb8c4960490502a19","sha1":"ac6700bfe19f0580cccf51bddf2a7310d31a833c","sha256":"6ed6986bfeafe3a3bab8174b435e96c3ca8e216c3c7941b20c3e4984087f9e0b","sha512":"c5d6bdfb04022d8f3ff82c95c1c938a3aec4246a9fefc40a2e96b12e42295fe8d578c983b399ca86493f3481b113f685d27e20e2cd19000efab176a6b7ab578f","ssdeep":"768:Iudg8MPdH/EeIO5V1gPk5Te1pCeKSreGdRY8ZqM0wTo:IHEelgvZnAVQo","tlshash":"9403192ee3a2761003abf19dd90b50003e35541bea41f8a4bdecb581ff958a512bf7b5","size":39952,"data":"","first_seen":"2025-07-17T20:43:49.34962Z","last_seen":"2026-05-22T17:07:03.443392Z","times_seen":3227,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/781cfdb4acd53abd3de7fdeb77c533a4/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8db5683da256d1ad453602cbe0e4e2c7","sha1":"e71a06831f3ace38eff397e542d79ae50b310b5b","sha256":"e2313c06fdfddaff0d42991fb6ab39fdd6fac188e6979794385d98b975226459","sha512":"79aab03e479247fbf657cf1c83d620d1d19d17025b1a39e0509207bc358909d37f45e02aaca9d2f44e9836513eec80fbed21b315febdf6f48a34f12c70439308","ssdeep":"768:dB2Ee/5+sNKlKMHLQTwkf0R6sYeLvLoK12G6FYc0CX8C:dB2Em+aMHLQTwkf0bLDLoK12tFYNKB","tlshash":"b223fa5dbf92f006165f70b7372fa106b15a8c19280cd88cfa07fda46d68f05e837aa4","size":46311,"data":"","first_seen":"2025-12-28T20:21:30.776623Z","last_seen":"2026-01-03T15:16:22.917881Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","size":6454,"data":"","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waust.at/s.js","fqdn":"waust.at","domain":"waust.at","tld":"at"},"ip":{"addr":"104.26.5.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7e1800d35725cb510d6ca600677a9669","sha1":"e4ba00dd620d7a4531a6a954c51b5d801f78520c","sha256":"d03635e64afffd465cd2c59e0bc850fecde2aa979e55240e4737094633f50391","sha512":"b5c00c9106750dec2b23e6207f49efeb62825c39b148f849015ae30453f1c76cc1c649083062b1d9e32214cad4a8f6249373ab17f92d662326350f004adb6c1d","ssdeep":"96:tLN7NgmG8j2svNuYMTX080ORDvckw9AVDx+llB9RmSK29tCq0jjaNrTBq92n/rQl:l94B70AjPVDx+9Rml29NBm2/MVpd","tlshash":"26e1c7b5325314b65ff650a5606f7345b831517b6f479001809e84b836acf0b91eaff7","size":7286,"data":"","first_seen":"2025-11-28T23:48:30.367069Z","last_seen":"2026-05-22T17:07:03.44545Z","times_seen":1129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"deepcathink.com/embed.js","fqdn":"deepcathink.com","domain":"deepcathink.com","tld":"com"},"ip":{"addr":"104.21.12.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"da0b7383c6834c8839c2f3538bdd8705","sha1":"ef4e75e4828c9ca50d11dca975e1e7a7e4752e8f","sha256":"cb5d314f472c946325efbee460ff6980db27378472dbb51884c1a286389f1d9b","sha512":"9f233c1407b7e6831c91c8b46c36e38c3823d94de1dbf408331725e1976e6822ca3d7d91ea1e39ec06e04d98bc48bbf441c308e8b1fa27f0841640ad01c59b03","ssdeep":"","tlshash":"c821eb65fee2b40989733869886f800478b6840b9e1e4d80759c5ea0af60c2954a3aac","size":1249,"data":"","first_seen":"2025-11-15T18:46:41.829114Z","last_seen":"2026-01-11T20:48:41.717046Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"fc45b789e598d13cf12ecfcbb322f1cb","sha1":"4402b7672298fced5c63ac1408d789fe71722cb4","sha256":"bacd246fbb2a723544881e44b39f6de215415ce9d5af84bac34c55dbb7df26fa","sha512":"df519660a9e04ba5ecaafe34d86a87ee90766cdabac33b33ef27a415f56ea4ad2e8d6bd90959993bf892f8431c9aed5e7a329dacebd924eac7bab542e0e39d19","ssdeep":"","tlshash":"d331fcbbca54b4ed2f1b50a5c845ef0c6f53893d969615408bed1d24f849510a8190fd","size":1514,"data":"","first_seen":"2025-12-28T20:21:30.795435Z","last_seen":"2025-12-28T20:21:30.795435Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl27780335.effectivegatecpm.com/73/7d/3e/737d3edcc92abc8ffa2c1a1fead98229.js","fqdn":"pl27780335.effectivegatecpm.com","domain":"effectivegatecpm.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"590f6685d4ae85323e5419dd53608fdc","sha1":"6302a1ec427a4d990a3edb7d929a29d22e412686","sha256":"f1faeb7cd141e3e055bf20778e779880ab96541a8e25e00314e2b96d3beda6a8","sha512":"c9e641ad7e21ee684a905d9b81a6e05f3523a9e93b5bb2bac9c5e82cc214b6b6b73a0d585c6e52f212d4e6a3ca640ed9e4f7fc55919e163632586a9e62516a94","ssdeep":"3072:Ekz17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGewsR:Ekzw194LwsR","tlshash":"aca3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","size":106864,"data":"","first_seen":"2025-12-28T20:21:30.787827Z","last_seen":"2025-12-31T20:44:29.610392Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybugz.site/bannerads.js","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1972efb18561923059d7ffb8004acb91","sha1":"df08da8c77e7e073984dce18c629e6ac9f8b1399","sha256":"7d76bdc49f89b41ee4d890cf53f0caf4d29d0b6e343dc4da8dad73c8a5a7a77c","sha512":"c36546e51bcf9a322201b837d719251e79f5a470169200282cc1d93c4d5c64675d15eaec4e593ee5fa980b00c13f5b0bc98b294c3ce389383598d98360596e8b","ssdeep":"","tlshash":"c101996d5983f89090610cbfc05d41882a70a22be940ace13a7f96598fddd6d18a2e38","size":695,"data":"","first_seen":"2025-11-09T15:29:37.014977Z","last_seen":"2026-01-03T15:16:23.295833Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","fqdn":"deepcathink.com","domain":"deepcathink.com","tld":"com"},"ip":{"addr":"104.21.12.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"53bce2e2c731b2d9ece31848c4458f22","sha1":"4074d4a7c985095c892c2dfa30063e46dbd66c8c","sha256":"c51408f00ddd00db560369e25d6695e158c4143cb2b4e1a517d7cac467ba7e68","sha512":"d978a686a20a64e22b30a1ea7341c03df8c49eb34e43d8d899770d5e1625b8c150cd226e8e0179003a7f908b41f0194001227db061aecda7cda227ae851329f6","ssdeep":"","tlshash":"2111784692a16260519b505d47ef521b33b22c1f2354c88abf9cb7511f8a226c4afbcd","size":873,"data":"","first_seen":"2025-03-29T17:52:07.752771Z","last_seen":"2026-05-17T17:43:43.828509Z","times_seen":144,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybugz.site/soccer5/player/36.php","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"18a1c054fc83fe66435fe4eaf55172d9","sha1":"38d8ff7acd56397fd82d94057340cd2627db3ef0","sha256":"6f20bf899a9d0bfae6897b5c4f59ade34bcbde823d51b71a5d7031ed6d728926","sha512":"7ee1ba70a72a9f614ac343b9c0d0cf6b169ce581794834f4ece6b4160bccd8b705bbc4781eb9736a48be4cda77b0ae00a7ef8c1987837c3a9fa2966404778cd2","ssdeep":"","tlshash":"f9c012272dd2083059efb66e511e93483570408764059c013d4c64e48e64fe651b9ac6","size":190,"data":"","first_seen":"2025-06-08T18:40:12.386901Z","last_seen":"2026-04-12T15:30:10.980639Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"3246170903b15e32b3e33bca3b81077b","sha1":"57cbf075fc270c7fb563ecea2e2e2a5566804951","sha256":"d4f76c94c180a7099c83c5e1e3c3accbb53bfd404355c7d20e59ee0e5219a594","sha512":"425929393bea20218f0f6a6809015c6e81a72608bf5be8addb9784db63d01cd6a17215a02d18c33c9821417ed70b5e46b35ad6bd98001896eaa0ac57ea0dbaa1","ssdeep":"","tlshash":"2e312b7fa24e261550bb62f2016be6741c90c3cb1d052ec3d028e68d54206f20b7f909","size":1792,"data":"","first_seen":"2025-12-28T20:21:30.797879Z","last_seen":"2025-12-28T20:21:30.797879Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"a5b06312cc4c5efb5269e710b2e13456","sha1":"83c951eb0645d64f9be706088fc534069030c064","sha256":"348d2920f663f21c2d7640621d9de8ec338f74ce2d58665b437f9ca68675d3be","sha512":"5fa3bbdcca1a5b77caa25e60f87be1d21507e41d9fbd83655d7c5cf160b315a76aaadac2f9b828eab9e08b8f4de90bfbf7cd30769c80a0b6bc8460926aecec67","ssdeep":"","tlshash":"9d31f7b8d99481580f30f4cf1ca3a571aba3297a99c7f1c581943a2a72b2bd7621072c","size":1522,"data":"","first_seen":"2025-12-28T20:21:30.798704Z","last_seen":"2025-12-28T20:21:30.798704Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","size":6454,"data":"","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f5cead98f856d9885ab4ac9f9a7ac74b","sha1":"7c378cbef64c384520c4bf6bcb87b440472a00d0","sha256":"c3175f3f7176ec34acf5b6f0240e126bf55a6518660afd5aa4370f9256702504","sha512":"30722cc3900a3f949f6cbd89b90ebc60b8805c4b8d7112686b4d7a52df11d76777a9a6ea91c23c2a38eb1450a9d8991b7c86d4e223024a5a4fda78f565234c3e","ssdeep":"","tlshash":"a0c08cc82f802c927520388eb60823c0ccc2078bb8a02681b219e008ace04232a0100a","size":145,"data":"","first_seen":"2025-11-09T15:29:37.081303Z","last_seen":"2025-12-31T20:44:29.708422Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybugz.site/soccer5/player/36.php","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a0d3d40a5f84ae47bf0be6bfdd028c5","sha1":"c285ffc4fd32d27bfc910c63f9c360ddb8aca2c9","sha256":"4b825e4000538f58ff8f9d579fd0bc57f2a04fcf5a2b59d871bcf0f7d3293456","sha512":"ca5678a6f6b4feba88ad477d8744bafb3cf601151555322e206cd5bb357fe47a84dab0805dbbcd4a0c5afe731e325843afde1265abe70d0d8c5dc4deb2d3c976","ssdeep":"","tlshash":"d8a002285769447f64085210d97c0ad8a7b1120950b47714b3082e21815f54d2485317","size":65,"data":"","first_seen":"2025-06-08T18:40:12.390863Z","last_seen":"2026-04-12T15:30:10.994947Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-22T17:13:44.269022Z","times_seen":16658,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/88358e57c76702c177775242b8463ab2/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f669d701600e2506e4defb9d075a4902","sha1":"ad1a12ccfd1c8fd783c8735e4cc232019f53197d","sha256":"8b224d5b25a984b5ed41c5c52161b487c06d19660abc311a8f58b29a6be8f016","sha512":"a52190b7c6c4dd3351fc8b2636104e2d7497321856ad49e2588bac2d473712fa28ad30462def096a0c49477b2adc11149d8482fcb3912fafb186dd24f617dbae","ssdeep":"768:dB2EL/5+sNKlKMHLQTwkf0R6sYeLvLoK12G6FYc0Cbjf:dB2EV+aMHLQTwkf0bLDLoK12tFYNK7","tlshash":"a723fa5dbf92f006165f70b7376fa106b11a8c19680cd89cfa07fda46d68f05e837aa4","size":46263,"data":"","first_seen":"2025-12-28T20:21:30.783413Z","last_seen":"2026-01-03T15:16:23.779496Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"29234cbf35b408247b1479c07c962712","sha1":"5de380fe21d94e7a5648121d28dce71febbb3084","sha256":"655b925f6740f8db6cdceb44fa2e5cba558cc11a9c8053a081d833cc92045612","sha512":"f4ec67003e53fd26629f930ce7a5f09bb2a3206fe609e6586cfed5062ca7a67797c8d9069a635586820880d4b422bbdc7e183b35b954ddf81a5cfa34b4447426","ssdeep":"96:vNYFozlfRxdlhKgIeTJKZwqi8pB5CRk/PlAB/oLVdYVaSV81jDcCfMEDaH:tzLlhKteTJQpPCRknlAyYVaSivcCkCaH","tlshash":"4ea129789dc49578287270ef14b3e4246c61520f1c05fd82f49cf64a6fb0be20e6ae4c","size":4719,"data":"","first_seen":"2025-12-28T20:21:30.801638Z","last_seen":"2025-12-28T20:21:30.801638Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t.dtscout.com/pv/?_a=v\u0026_h=easybugz.site\u0026_ss=2daos08y5x\u0026_pv=1\u0026_ls=0\u0026_u1=1\u0026_u3=1\u0026_cc=no\u0026_pl=d\u0026_cbid=5ex8\u0026_cb=_dtspv.c","fqdn":"t.dtscout.com","domain":"dtscout.com","tld":"com"},"ip":{"addr":"104.26.11.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"62a762e727c2bb9d060afe2e0503aa68","sha1":"94be8b825c63f33b3285bf3b546f2afeeb25daf1","sha256":"9f9a1a843658494a6cecaaf60d7e6849afab88ae267c94b4d0f2c663950b597c","sha512":"5b615964a704211e5c854d3f00668c77546828c78b6b1eee0ebda141136bfcd6eac1458cf879cff214abde5c86efe04e0d14b202233a40d1cf5bf9de6f049677","ssdeep":"","tlshash":"4d90025864e194201bc9d7401066264446f103a115c05196947159341249780a65bdb8","size":52,"data":"","first_seen":"2025-12-28T20:21:30.771581Z","last_seen":"2025-12-28T20:21:30.771581Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"7895a969456cb16fbb46b03f035955dc","sha1":"2c71269b76d86d50f49c402131f5544d787527df","sha256":"a56ff375cba955cdfefd270b68fd69159e2b5f0e64e0779da68925c81ac17a5e","sha512":"a08ed70287ef997a9b64f1fec6d7339954dd76d7cdcfd95cfb1687ab7632058fd613568d7ea14f20b595dab62f878c6f54b4373aac6be61f1a726dc082d4b8fb","ssdeep":"","tlshash":"05b01249ce86cc96b01006d5d0aed2099e167784c550dcd9d6fee56deed6ed93c06308","size":121,"data":"","first_seen":"2025-11-09T15:29:37.095858Z","last_seen":"2026-01-03T15:16:24.202308Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"ea408a7eeb6e432a1846e3e1844cffd4","sha1":"7f60add0d07de1ea1a70df95fcabe7309a26fa33","sha256":"832480f4a0f84b6bce0ca31ed5c4d6936781d010189b4f37dba13fc2c161bbee","sha512":"1fdd34a47aa0dae6582367a402ce943030faaa35a90b3f3af52d6224959efab426ceb904fb541762bb56c508057f7a1067e560bc67d306fdc5a268fecaa9df98","ssdeep":"","tlshash":"afb0122fee17c40284100bd7c4eec15d5e11f768c250dcc9c1fb8aaa96d79ae6845244","size":121,"data":"","first_seen":"2025-11-09T15:29:37.097731Z","last_seen":"2026-01-03T15:16:24.204737Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c1f86751355c905acab5eb62fec74b7a","sha1":"891e63da25adecabb3767824cd5502a388cbd21d","sha256":"cd3e3c6b54653263e6f1e871836308506e14230fe28548c75fd1f40efe6b15aa","sha512":"ec1a12b37aa5071ce0cea9ee0e8e1dad2375c56649d82df53744b30b510f679bcbf8bff00beac4a34fab73a4d2be6f4a0204ba2402c7c8a5c52e81746adc995f","ssdeep":"","tlshash":"26e07df3ca05dc0c4e250a65e4d240c8e652af89f755a22477603c10115c81ab47064c","size":305,"data":"","first_seen":"2025-12-28T20:21:30.804738Z","last_seen":"2025-12-28T20:21:30.804738Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"sourshaped.com/impr.gif?sid=H4sIAAAAAAAC_1STvW8cxRvHZ50ozU_6RSEICdFcQQEIn-dlX2ZJgTAhKMJ5c4JSAMW8rT14b2fZ2b11XAUiUCSE5HSU6-ccW0CEgIIOKTpTEQkpR3VF3CDxDyClRuecZHiK52U-U3yf0Xe-2GkOEYNGTK9ecls2z8VS1Me9V27aQrvW9y7f6BHcx-d6N20Rh-d6m7NUDd8gLOzjV3vvGrXhligmGBNMehdsZTK3uXREwZYPUtJPcT-kfRKFsFn9d_ZNAF4EoIeH6DmwenL6z-wDsGoMxeCH88Zv1K58_Z1Bk4vaVTDU--8XG4VrCxgct1kVQFbsz2-D8xOEvl4AV-zPNwA33J1tANJO0MILT0AW-3OZIIf3nymVOZgCpP4ftMMxmPwArBiDcnfA6scIQGm4fAWKwd5lV7Xi1jMqZnSCTj79G2w7QSefPA_F4Pvl3G72rru8qa0rPGxmHdjNMdi1MZTNAdRbAdj2AFT9GVj9O1p6ugLFYPeKzx1YPX05IVEYYRkuUkHJYkg1XRSUJIvKMKF4mDLFzdET2WwMwi9A4wNobABNFkBTBjDQ016IeaiIYHGWapXgUIShNhKnnGIsUpVAoz4Fq7dBVbehrG7Dhr03QcHpAqrmIfj16c-cE85lQikRkTEJiWLGCFdEGyMxZ1pTodM4CxNMWZLgOGIJ1cpgzlKS8SiJJTMyMpqzLIwwV5jHkggtsCE8jYThoY5jwXESiVSGlAtOZMxEJI0gkaZZpmKRRFSyNCWKEoUJoWksMDYhw1zROGFUCSUZJRFLZRhjFWsMXgfgawRD3UFrELQeQSsQtBZBWyNoh919nXvquz2d-0aSeaXzyrqRq9d2xH1Xr5kCgai2odLdri0_8XdA1SdGW5nXIzdLQtbdSEjd7ZSH6MzMCsHeh5_Dhpn2OGcRN1GikjjBVJEkSZKIhlTyMGZCUvC2A-sXQPgAtuwEXVv9CEo7QafOrIAUB-DzA1D2LIjmJRDtKIw5iHWIMWwVP1X9dZFntR2Yqu-K3BYGtOugrE9CfSvYyQ_R2dHqjeWHR-ZcufQVGPUIzQNU1UFZdfCx_RXBWn53tOpatLvqWo9-vFLWdmC3xMy412tRm1Pfvmduta7SF8_77W_eUjMwax_cML5eEYW2xZpH3y1brU11wVXKoF8u-ptGXm38-nJTFU25cvXtCxcHZWW8t64Yg7CPzW-g7AT9_6_h0Zd87csXQZW3wZfHKr1DIEsEuUWQm-NzITvw_5rlcb_j78JaFYCo70Ax6GBYdTDMOxD5NvjmxKguq0dv_sGOAmQejGReoV2ZVzNup72MGaow5klMGM8MYaFWWcTDVMcCM2ag9hN77R7-JwAA__9LMoiiMAUAAA==","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:04.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1STvW8cxRvHZ50ozU_6RSEICdFcQQEIn-dlX2ZJgTAhKMJ5c4JSAMW8rT14b2fZ2b11XAUiUCSE5HSU6-ccW0CEgIIOKTpTEQkpR3VF3CDxDyClRuecZHiK52U-U3yf0Xe-2GkOEYNGTK9ecls2z8VS1Me9V27aQrvW9y7f6BHcx-d6N20Rh-d6m7NUDd8gLOzjV3vvGrXhligmGBNMehdsZTK3uXREwZYPUtJPcT-kfRKFsFn9d_ZNAF4EoIeH6DmwenL6z-wDsGoMxeCH88Zv1K58_Z1Bk4vaVTDU--8XG4VrCxgct1kVQFbsz2-D8xOEvl4AV-zPNwA33J1tANJO0MILT0AW-3OZIIf3nymVOZgCpP4ftMMxmPwArBiDcnfA6scIQGm4fAWKwd5lV7Xi1jMqZnSCTj79G2w7QSefPA_F4Pvl3G72rru8qa0rPGxmHdjNMdi1MZTNAdRbAdj2AFT9GVj9O1p6ugLFYPeKzx1YPX05IVEYYRkuUkHJYkg1XRSUJIvKMKF4mDLFzdET2WwMwi9A4wNobABNFkBTBjDQ016IeaiIYHGWapXgUIShNhKnnGIsUpVAoz4Fq7dBVbehrG7Dhr03QcHpAqrmIfj16c-cE85lQikRkTEJiWLGCFdEGyMxZ1pTodM4CxNMWZLgOGIJ1cpgzlKS8SiJJTMyMpqzLIwwV5jHkggtsCE8jYThoY5jwXESiVSGlAtOZMxEJI0gkaZZpmKRRFSyNCWKEoUJoWksMDYhw1zROGFUCSUZJRFLZRhjFWsMXgfgawRD3UFrELQeQSsQtBZBWyNoh919nXvquz2d-0aSeaXzyrqRq9d2xH1Xr5kCgai2odLdri0_8XdA1SdGW5nXIzdLQtbdSEjd7ZSH6MzMCsHeh5_Dhpn2OGcRN1GikjjBVJEkSZKIhlTyMGZCUvC2A-sXQPgAtuwEXVv9CEo7QafOrIAUB-DzA1D2LIjmJRDtKIw5iHWIMWwVP1X9dZFntR2Yqu-K3BYGtOugrE9CfSvYyQ_R2dHqjeWHR-ZcufQVGPUIzQNU1UFZdfCx_RXBWn53tOpatLvqWo9-vFLWdmC3xMy412tRm1Pfvmduta7SF8_77W_eUjMwax_cML5eEYW2xZpH3y1brU11wVXKoF8u-ptGXm38-nJTFU25cvXtCxcHZWW8t64Yg7CPzW-g7AT9_6_h0Zd87csXQZW3wZfHKr1DIEsEuUWQm-NzITvw_5rlcb_j78JaFYCo70Ax6GBYdTDMOxD5NvjmxKguq0dv_sGOAmQejGReoV2ZVzNup72MGaow5klMGM8MYaFWWcTDVMcCM2ag9hN77R7-JwAA__9LMoiiMAUAAA== HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzY3OTg3NywiayI6Ijg4MzU4ZTU3Yzc2NzAyYzE3Nzc3NTI0MmI4NDYzYWIyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MzI5NTAxLCJwaWQiOjM5NzY0NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyNywicHQiOjQsInBrIjoibmh0Z3J0d3YyciIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL2Vhc3lidWd6LnNpdGUvc29jY2VyNS9wbGF5ZXIvMzYucGhwIiwidHoiOjEsImFyIjpbXX19.yigjsKLztdE8YuQuoAmuTD4HpXxiVXG7DIQTnck6hHM; uid_id2=715450b4-2a21-42d2-a217-ce3ac8493c8e:2:1; pdhtkv=true; uncs=1; pdhtkv27=true; uncs27=1; u_pl27679877=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:04 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a59531a3651ca6b7f3ba2beb0be7987f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-22T17:19:51.364304Z","times_seen":15564649,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybugz.site/bannerads.js","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:03.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"easybugz.site","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 08 Nov 2025 12:33:35 GMT","end":"Fri, 06 Feb 2026 12:33:34 GMT"},"fingerprint":{"sha1":"FE:6B:1A:DF:61:78:25:17:27:50:6B:68:E8:45:E8:90:CB:56:E6:9D","sha256":"85:51:CE:47:98:6C:CB:0B:E5:26:9B:62:82:E5:1B:76:B7:1D:0E:0A:E6:A0:A0:43:14:32:E8:BE:0D:8A:B0:4F"}}},"request":{"raw":"GET /bannerads.js HTTP/1.1\r\nHost: easybugz.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/soccer5/player/36.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 04 Jan 2026 20:21:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 04 Oct 2025 13:05:00 GMT\r\netag: \"2b7-68e11b7c-84ef398bc9945102;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 232\r\ndate: Sun, 28 Dec 2025 20:21:03 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":695,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"1972efb18561923059d7ffb8004acb91","sha1":"df08da8c77e7e073984dce18c629e6ac9f8b1399","sha256":"7d76bdc49f89b41ee4d890cf53f0caf4d29d0b6e343dc4da8dad73c8a5a7a77c","sha512":"c36546e51bcf9a322201b837d719251e79f5a470169200282cc1d93c4d5c64675d15eaec4e593ee5fa980b00c13f5b0bc98b294c3ce389383598d98360596e8b","ssdeep":"","tlshash":"c101996d5983f89090610cbfc05d41882a70a22be940ace13a7f96598fddd6d18a2e38","first_seen":"2025-11-09T15:29:37.014977Z","last_seen":"2026-01-03T15:16:23.295833Z","times_seen":9,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"easybugz.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"techydeals.store/iframe/36.php","fqdn":"techydeals.store","domain":"techydeals.store","tld":"store"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:03.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.techydeals.store","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Dec 2025 01:20:33 GMT","end":"Thu, 05 Mar 2026 01:20:32 GMT"},"fingerprint":{"sha1":"D3:4D:C8:73:AE:61:64:09:7D:F7:A1:ED:5C:10:A2:D0:6C:41:19:3E","sha256":"F9:18:E0:E9:B4:EA:95:64:79:C5:99:92:E4:1A:98:87:BE:88:5C:F3:89:FB:60:47:D8:39:99:2C:9A:04:4E:B0"}}},"request":{"raw":"GET /iframe/36.php HTTP/1.1\r\nHost: techydeals.store\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/8.3.23\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 177\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ndate: Sun, 28 Dec 2025 20:21:03 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.3.23","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":329,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"c01d004fe3b0b94553b1bfc0974fe9ca","sha1":"c9b56d97b7aff94c83bce393205fb645ca2fe999","sha256":"12f01e87a67b8ff5ec0119611670ac1498bea893ca36714086f89f3331550d16","sha512":"2a9a6247a4547db1c92230004c7b3db80581b98e921c21912770fdc364119b61c89b387b10389d00ec813078f75e43e55013df0d04adb5907b470d1ad022d2d3","ssdeep":"","tlshash":"bfe0c285ed02d14684491694c6f5e10df2459237d386c8c63b9da566cf047ec2c31694","first_seen":"2025-12-28T20:21:30.766853Z","last_seen":"2025-12-28T20:21:30.766853Z","times_seen":1,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":226,"dns":178,"connect":15,"send":0,"wait":19,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t.dtscout.com/i/?l=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026j=\u0026wk=evzhqy75bn","fqdn":"t.dtscout.com","domain":"dtscout.com","tld":"com"},"ip":{"addr":"104.26.11.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:03.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dtscout.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 16:30:40 GMT","end":"Fri, 27 Mar 2026 17:30:26 GMT"},"fingerprint":{"sha1":"EE:6E:B4:B9:88:07:D3:25:5C:F9:6D:C8:5B:09:7C:37:0D:91:F0:E5","sha256":"3F:E4:11:CF:0F:3D:45:BA:19:B6:42:98:24:21:FC:C2:EB:1C:21:CC:09:23:A5:83:15:EF:89:C8:0D:BC:77:40"}}},"request":{"raw":"GET /i/?l=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026j=\u0026wk=evzhqy75bn HTTP/1.1\r\nHost: t.dtscout.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-s: mtl2\r\nset-cookie: df=1766953263; Domain=dtscout.com; Expires=Tue, 07-Apr-2026 20:21:03 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure\r\nx-t: 0.491\r\nexpires: Sun, 28 Dec 2025 20:21:02 GMT\r\ncache-control: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JNRhgsPvs8y64p2VmoUZIYLBFkYo12HJ0q%2BRvrSqXDq%2BihmaN%2BEwYVENKPLVCI%2FYVaKFF57nD0SLCJqzmtv8EqT4fy5l0brpMLE%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9b53c30a9b8856b1-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2292,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2077)","md5":"8450c234da2df92a0c33a47c5aabf6e6","sha1":"0ea50308805f927f1e9ce37a96d44f27e01cdf8e","sha256":"c67ad82f6fe5a742115d0d041e403c18df8da6486fa0dd5fc785d4bb58458ac9","sha512":"1ea70b0b047651af5f5496bdbfac4574dad62bef73132ad667c194c375382c36ea62c24f37a4c2882d6e644846f5b866720a8b33cad3e4e650fa6b9fa0331de8","ssdeep":"","tlshash":"1f41880bb5e5347803e2006965ff635fb5330928bc5784c08596dc04fd749fad1b6eaa","first_seen":"2025-11-28T22:59:20.195769Z","last_seen":"2026-05-22T17:07:03.447412Z","times_seen":3159,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":5,"connect":1,"send":0,"wait":231,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"deepcathink.com/embed.js","fqdn":"deepcathink.com","domain":"deepcathink.com","tld":"com"},"ip":{"addr":"104.21.12.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://techydeals.store/iframe/36.php","date":"2025-12-28T20:21:03.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"deepcathink.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 06:30:11 GMT","end":"Sun, 08 Mar 2026 07:27:57 GMT"},"fingerprint":{"sha1":"23:BA:CC:FC:CF:47:57:92:14:AD:6C:85:6A:1C:E7:34:D5:53:6C:71","sha256":"0C:D0:9A:9E:16:52:5E:9D:D4:65:77:C0:BB:A4:B5:29:4E:7D:A1:05:F5:14:E7:E6:05:30:94:EA:EF:61:EC:A8"}}},"request":{"raw":"GET /embed.js HTTP/1.1\r\nHost: deepcathink.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://techydeals.store/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Dec 2025 20:21:03 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 04 Jul 2025 19:01:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"6868250c-4e1\"\r\ncontent-encoding: gzip\r\nage: 3598\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8uMv02FIbyArU4lxlw5xVgnPJzbekq4CRYKpkwS9wrr%2F0AQtFfxap7lxKW5jNqkBBhDD9MP1iJfWqHZgZX9StFoLsubcBKXyJurphZM%3D\"}]}\r\ncf-ray: 9b53c30b6a17568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (322)","md5":"da0b7383c6834c8839c2f3538bdd8705","sha1":"ef4e75e4828c9ca50d11dca975e1e7a7e4752e8f","sha256":"cb5d314f472c946325efbee460ff6980db27378472dbb51884c1a286389f1d9b","sha512":"9f233c1407b7e6831c91c8b46c36e38c3823d94de1dbf408331725e1976e6822ca3d7d91ea1e39ec06e04d98bc48bbf441c308e8b1fa27f0841640ad01c59b03","ssdeep":"","tlshash":"c821eb65fee2b40989733869886f800478b6840b9e1e4d80759c5ea0af60c2954a3aac","first_seen":"2025-11-15T18:46:41.829114Z","last_seen":"2026-01-11T20:48:41.717046Z","times_seen":6,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":51,"dns":23,"connect":1,"send":0,"wait":10,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/watch.363212471143.js?key=88358e57c76702c177775242b8463ab2\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=715450b4-2a21-42d2-a217-ce3ac8493c8e%3A2%3A1\u0026shu=88188b7221a5ee71563318c1deeb083dd2ad96f4702377065372dce08391f8576b3eb5ed83f4508c086b1ada0e1895ae84d66a8075a9b428a81b63a5bea15d2ffc6a752b3991c21c011296a00e4308c26732cacb321539b460c6d0\u0026pst=1766953324\u0026rmtc=t","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:04.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /watch.363212471143.js?key=88358e57c76702c177775242b8463ab2\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=715450b4-2a21-42d2-a217-ce3ac8493c8e%3A2%3A1\u0026shu=88188b7221a5ee71563318c1deeb083dd2ad96f4702377065372dce08391f8576b3eb5ed83f4508c086b1ada0e1895ae84d66a8075a9b428a81b63a5bea15d2ffc6a752b3991c21c011296a00e4308c26732cacb321539b460c6d0\u0026pst=1766953324\u0026rmtc=t HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://easybugz.site\r\nReferer: https://easybugz.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzY3OTg3NywiayI6Ijg4MzU4ZTU3Yzc2NzAyYzE3Nzc3NTI0MmI4NDYzYWIyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MzI5NTAxLCJwaWQiOjM5NzY0NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyNywicHQiOjQsInBrIjoibmh0Z3J0d3YyciIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL2Vhc3lidWd6LnNpdGUvc29jY2VyNS9wbGF5ZXIvMzYucGhwIiwidHoiOjEsImFyIjpbXX19.yigjsKLztdE8YuQuoAmuTD4HpXxiVXG7DIQTnck6hHM\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:04 GMT\r\nContent-Type: text/html\r\nContent-Length: 3180\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://easybugz.site\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=715450b4-2a21-42d2-a217-ce3ac8493c8e:2:1; expires=Sun, 04 Jan 2026 20:21:04 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Mon, 29 Dec 2025 20:21:04 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 29 Dec 2025 20:21:04 GMT; path=/; secure; SameSite=None\npdhtkv27=true; expires=Mon, 29 Dec 2025 20:21:04 GMT; path=/; secure; SameSite=None\nuncs27=1; expires=Mon, 29 Dec 2025 20:21:04 GMT; path=/; secure; SameSite=None\nu_pl27679877=1; expires=Mon, 29 Dec 2025 20:21:04 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 23\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d8611cdbfbc3840c4c3dc01dbde4d289\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4587,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3711)","md5":"5ede3ae58757718c61274d779f145c96","sha1":"dfafa2c68a652887592dc80784ee91b9e1b72cc8","sha256":"9702ec420025b3ef7c454e73654d528aec351ef87578a8cf16387995b3f5dd4e","sha512":"dd860654db0806f7a7e7ef02482c6a8c7b76b79531052bc8918f041ed0c6dbd38b0509ba049501d81b26303ae6b14c846a5846dc7be70d13ee01662b5b6717b5","ssdeep":"96:sIfozaldtDFBaTN7JdfCfCYm5H4+Ftk/RLqob2A/g+B31ZD8CfMEDaH:xAziFEZ7JoMYStkpLqoyefFV8CkCaH","tlshash":"43913bb7afa0d1681d2761bfa41efa5c3d21e00f6e04dc407aceed052f151a09d289cc","first_seen":"2025-12-28T20:21:30.76915Z","last_seen":"2025-12-28T20:21:30.76915Z","times_seen":1,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":119,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-latest.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","date":"2025-12-28T20:21:04.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-latest.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deepcathink.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-4508e\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\nage: 2195562\r\nx-served-by: cache-lga21958-LGA, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 14380, 129569\r\nx-timer: S1766953264.434141,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 83875\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":282766,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"3d93b072d14f2bd1ede58f4847f537fd","sha1":"73e5d044bd153dd912930e8be433059454ce19cd","sha256":"3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc","sha512":"78ac19342bee3a1c5ca864d702e742f561f629429ff0877572a36831ce83299b8df2ea4bdb6c63dd990975c9320dddc68ec8b5407299dee8345d01d090644d26","ssdeep":"6144:eOWehmnQcHCAkwxc5cr4OfXKDoZOVJFpq3aK182bHjI1fusA2rM3:etJ4OfDZ2Is1fLAx3","tlshash":"6f54b6d8f78d112e4232316aad2f52cdbb7cd1b1561058aebd8d597c249083c42faf7a","first_seen":"2023-03-07T01:25:17Z","last_seen":"2026-05-22T16:08:38.752261Z","times_seen":6017,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":59,"dns":5,"connect":14,"send":0,"wait":16,"receive":20,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@clappr/player@0.8/dist/clappr.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","date":"2025-12-28T20:21:04.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/@clappr/player@0.8/dist/clappr.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deepcathink.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 0.8.0\r\nx-jsd-version-type: version\r\netag: W/\"9a048-VUE4kN104YCisqBJlMQIdr2LF2k\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 28057\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\nx-served-by: cache-fra-etou8220111-FRA, cache-hel1410023-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 177874\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":630856,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9f7ee162594292d8a7cd8c88a8e2318d","sha1":"55413890dd74e180a2b2a04994c40876bd8b1769","sha256":"f0243f6e2395c077f4ae46ae4b1d969090d64106387b45cb39a28bbdb07e6752","sha512":"8b0f5034c5c9260a98cdafab67457668a45c115679929c18eb3674470ce5b53c6238b9830627a7ffc125dfb8c115c548e734db0133174d889d11a8c643954933","ssdeep":"6144:e4tMAsCnJlgzoi3QaUS3+03cJibkLLQNjnMWWzr2EfpuXyEZloW/GHH0eOwuqyyv:rsPJxuijUQNjMWUrpuXRloWWuudhz","tlshash":"e4d44ca932d5603246d2a5d9503a4202a339b90b3045c1ecfa3efdd75fa5d4ab07bf78","first_seen":"2024-08-14T20:52:02Z","last_seen":"2026-05-17T17:43:59.354073Z","times_seen":634,"resource_available":true,"data":null}},"time_used":466,"timings":{"blocked":199,"dns":7,"connect":18,"send":0,"wait":15,"receive":37,"ssl":183},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=974\u0026rd=974\u0026fd=578\u0026bv=25.12.4806\u0026tmpl=70","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://techydeals.store/iframe/36.php","date":"2025-12-28T20:21:04.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 22:08:08 GMT","end":"Wed, 25 Mar 2026 22:08:07 GMT"},"fingerprint":{"sha1":"BE:03:A2:AD:89:FD:C3:94:0E:B0:AC:88:9E:E3:AD:33:6F:39:72:EA","sha256":"86:5E:AF:03:20:81:8A:65:09:C9:A1:D4:22:8C:8B:1F:82:60:C9:82:6B:01:09:E8:98:E2:F3:DA:A8:3C:D5:71"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=974\u0026rd=974\u0026fd=578\u0026bv=25.12.4806\u0026tmpl=70 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://techydeals.store/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:04 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-22T17:19:51.364304Z","times_seen":15564649,"resource_available":true,"data":null}},"time_used":681,"timings":{"blocked":274,"dns":14,"connect":93,"send":0,"wait":106,"receive":0,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:03.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:03 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3403\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bec66d0b6161998c4d9bab072ae49641\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6454,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6454), with no line terminators","md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"resource_available":true,"data":null}},"time_used":690,"timings":{"blocked":292,"dns":5,"connect":93,"send":0,"wait":104,"receive":0,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/watch.1683966096110.js?key=781cfdb4acd53abd3de7fdeb77c533a4\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=46a6f9e9-6a7c-4a87-ba48-1fa9da54b308%3A2%3A1","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:03.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /watch.1683966096110.js?key=781cfdb4acd53abd3de7fdeb77c533a4\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=46a6f9e9-6a7c-4a87-ba48-1fa9da54b308%3A2%3A1 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://easybugz.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:04 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://easybugz.site\r\naccess-control-allow-credentials: true\r\nlocation: https://realizationnewestfangs.com/watch.1683966096110.js?key=781cfdb4acd53abd3de7fdeb77c533a4\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=46a6f9e9-6a7c-4a87-ba48-1fa9da54b308%3A2%3A1\u0026shu=99c5caeab5ca05a9767e6c233f89579735f563d885a9ebf3167144c234691459a9b9cb14693ab264139bfb779911688171a61dae132934420e158f99f001dcbb6eb649800a960628508e8a3484970b0173cdfc4d9b1b560d654e\u0026pst=1766953324\u0026rmtc=t\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzY3OTg0OSwiayI6Ijc4MWNmZGI0YWNkNTNhYmQzZGU3ZmRlYjc3YzUzM2E0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MzI5NTAxLCJwaWQiOjM5NzY0NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyMywicHQiOjQsInBrIjoiZWVjMG5uMzV1dSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL2Vhc3lidWd6LnNpdGUvc29jY2VyNS9wbGF5ZXIvMzYucGhwIiwidHoiOjEsImFyIjpbXX19.JogKoX6ZVKslU4cye6vyCobW2h13d-pVHpReJAmKCxA; expires=Sun, 28 Dec 2025 20:22:04 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9dbe17ba9e94a3d82b59f29ae3835766\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4751,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-22T17:19:51.364304Z","times_seen":15564649,"resource_available":true,"data":null}},"time_used":628,"timings":{"blocked":243,"dns":2,"connect":91,"send":0,"wait":98,"receive":1,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"t.dtscout.com/pv/?_a=v\u0026_h=easybugz.site\u0026_ss=2daos08y5x\u0026_pv=1\u0026_ls=0\u0026_u1=1\u0026_u3=1\u0026_cc=no\u0026_pl=d\u0026_cbid=5ex8\u0026_cb=_dtspv.c","fqdn":"t.dtscout.com","domain":"dtscout.com","tld":"com"},"ip":{"addr":"104.26.11.2","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:04.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dtscout.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 16:30:40 GMT","end":"Fri, 27 Mar 2026 17:30:26 GMT"},"fingerprint":{"sha1":"EE:6E:B4:B9:88:07:D3:25:5C:F9:6D:C8:5B:09:7C:37:0D:91:F0:E5","sha256":"3F:E4:11:CF:0F:3D:45:BA:19:B6:42:98:24:21:FC:C2:EB:1C:21:CC:09:23:A5:83:15:EF:89:C8:0D:BC:77:40"}}},"request":{"raw":"GET /pv/?_a=v\u0026_h=easybugz.site\u0026_ss=2daos08y5x\u0026_pv=1\u0026_ls=0\u0026_u1=1\u0026_u3=1\u0026_cc=no\u0026_pl=d\u0026_cbid=5ex8\u0026_cb=_dtspv.c HTTP/1.1\r\nHost: t.dtscout.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nCookie: df=1766953263\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-t: 0.201\r\nx-c: 0\r\nexpires: Sun, 28 Dec 2025 20:21:03 GMT\r\ncache-control: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XVEiUof%2F%2BaGHE5Rr5nJ9e42GZUmF1Y0YkQHmuiKAHrn%2Fh%2B%2FONVii8u%2FIxvSzEg1wjMGRAglaodx2E6UXpqdFAOyl%2B0In4oPPEKk%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9b53c30c4d2b56b1-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"62a762e727c2bb9d060afe2e0503aa68","sha1":"94be8b825c63f33b3285bf3b546f2afeeb25daf1","sha256":"9f9a1a843658494a6cecaaf60d7e6849afab88ae267c94b4d0f2c663950b597c","sha512":"5b615964a704211e5c854d3f00668c77546828c78b6b1eee0ebda141136bfcd6eac1458cf879cff214abde5c86efe04e0d14b202233a40d1cf5bf9de6f049677","ssdeep":"","tlshash":"4d90025864e194201bc9d7401066264446f103a115c05196947159341249780a65bdb8","first_seen":"2025-12-28T20:21:30.771581Z","last_seen":"2025-12-28T20:21:30.771581Z","times_seen":1,"resource_available":true,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p.mrktmtrcs.net/mm.js","fqdn":"p.mrktmtrcs.net","domain":"mrktmtrcs.net","tld":"net"},"ip":{"addr":"104.26.14.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:04.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mrktmtrcs.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 21:25:16 GMT","end":"Tue, 24 Feb 2026 22:25:15 GMT"},"fingerprint":{"sha1":"B1:B8:C8:FB:D8:BE:16:F2:FB:48:B3:17:B3:16:C6:A6:D3:7C:6B:5D","sha256":"58:4E:5B:73:64:D3:A0:B0:A4:BA:45:97:C8:DB:73:B2:47:3A:B6:A3:8B:B5:21:4A:41:5D:DF:62:81:07:80:F8"}}},"request":{"raw":"GET /mm.js HTTP/1.1\r\nHost: p.mrktmtrcs.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 21 May 2025 20:03:03 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FA%2FO%2FCz%2B1vJhMVjEbM8WF0nsTYvFHibA0ZU0k68es%2FtdndyRjMyy5dfq%2FGhRfZNDnA9HOFVaTSR9ToGj3l9DS6p5wDkGa3nU%2BAFAI9aG\"}]}\r\nage: 5435\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"682e3177-9c10\"\r\ncontent-encoding: br\r\ncf-ray: 9b53c30c8c01b28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39952,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (30767)","md5":"67cda29c6b95cb5eb8c4960490502a19","sha1":"ac6700bfe19f0580cccf51bddf2a7310d31a833c","sha256":"6ed6986bfeafe3a3bab8174b435e96c3ca8e216c3c7941b20c3e4984087f9e0b","sha512":"c5d6bdfb04022d8f3ff82c95c1c938a3aec4246a9fefc40a2e96b12e42295fe8d578c983b399ca86493f3481b113f685d27e20e2cd19000efab176a6b7ab578f","ssdeep":"768:Iudg8MPdH/EeIO5V1gPk5Te1pCeKSreGdRY8ZqM0wTo:IHEelgvZnAVQo","tlshash":"9403192ee3a2761003abf19dd90b50003e35541bea41f8a4bdecb581ff958a512bf7b5","first_seen":"2025-07-17T20:43:49.34962Z","last_seen":"2026-05-22T17:07:03.443392Z","times_seen":3227,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":31,"dns":6,"connect":1,"send":0,"wait":8,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"deepcathink.com/css/embed.css?ver=1.4.4","fqdn":"deepcathink.com","domain":"deepcathink.com","tld":"com"},"ip":{"addr":"104.21.12.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","date":"2025-12-28T20:21:04.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"deepcathink.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 06:30:11 GMT","end":"Sun, 08 Mar 2026 07:27:57 GMT"},"fingerprint":{"sha1":"23:BA:CC:FC:CF:47:57:92:14:AD:6C:85:6A:1C:E7:34:D5:53:6C:71","sha256":"0C:D0:9A:9E:16:52:5E:9D:D4:65:77:C0:BB:A4:B5:29:4E:7D:A1:05:F5:14:E7:E6:05:30:94:EA:EF:61:EC:A8"}}},"request":{"raw":"GET /css/embed.css?ver=1.4.4 HTTP/1.1\r\nHost: deepcathink.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 29 Oct 2021 09:08:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"617bba25-219\"\r\ncontent-encoding: gzip\r\nage: 3597\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r9Y9j0YAgZdZMuB25imwvgfZV5gSvlkJ1k81pweyZSF3oXuGjxYf2eF4iS6frCkYT%2BYYx7AsmQmaCqA1HKB%2BUiJLAWNP6wJtbypE9k4hzQ%3D%3D\"}]}\r\ncf-ray: 9b53c30e38ba4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":537,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5d1a4982bf5af51f75154543a5c87dcb","sha1":"041b9fa8a7c04cd0be4771c2cfb0dcd11092a042","sha256":"b6d02adae86bbc34515c89f74666d2837fc87d6046e204de27258c279fa47fcf","sha512":"2c312fff92f2cc0a2a1e0ca962dcd95ccefa97e3f1ebf6d7a4c82f9ea70f7d94ce4c52eba61944ba93fa243be8adf88cbb1433e311ecaac131a1db5d19f7d4be","ssdeep":"","tlshash":"14f046708bab3c09d009a049dac2be59b62f4078680e4ea0961e3bb9c59e1c219d9f48","first_seen":"2023-06-10T20:58:54Z","last_seen":"2026-03-19T21:40:26.48208Z","times_seen":145,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-migrate-1.2.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","date":"2025-12-28T20:21:04.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-migrate-1.2.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deepcathink.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1c1f\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\nage: 4162596\r\nx-served-by: cache-lga21931-LGA, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 5, 37166\r\nx-timer: S1766953264.433311,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 3063\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7199,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (7085)","md5":"eb05d8d73b5b13d8d84308a4751ece96","sha1":"743052320809514fb788fe1d3df37fc87ce90452","sha256":"1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d","sha512":"7b68a43a22a41404a2ff58e0da6a237492cad0fc3e56d216980802b4d5fb483895262a7e049340d6670002bdf899ba88c319239e60d0aae1ac31d98556b0ad6e","ssdeep":"96:tBySz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:zySzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"3fe196dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-05-22T16:47:42.042093Z","times_seen":22869,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":52,"dns":4,"connect":15,"send":0,"wait":15,"receive":1,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"63.182.60.117","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://techydeals.store/iframe/36.php","date":"2025-12-28T20:21:04.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://techydeals.store\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://techydeals.store/\r\nCookie: uid_id2=715450b4-2a21-42d2-a217-ce3ac8493c8e:2:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://techydeals.store\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"55fcdfbbdc4bd57c8682b5367355a94f","sha1":"2fb33e1945502ab17dca3d3070eff209a7a464a6","sha256":"764ab647419c18a82d490e2c10542dc017973f8490dda05c4bbd6ecf5ece7e04","sha512":"66cac7003a501825be53898cce9d595449916df7489458f09a2926dccff995099ece1c913c87b3cc826523abed533a618f34228a06a40bd3d98a01f3d904fb5e","ssdeep":"","tlshash":"78900434011f501ddff44440330c04cc11134d1713d471043cc0d0c57511c10115d434","first_seen":"2025-12-28T20:21:30.773958Z","last_seen":"2025-12-28T20:21:30.773958Z","times_seen":1,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:03.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:04 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3403\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6fe72803479106576bae1dfc02cd4d6b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6454,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6454), with no line terminators","md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"resource_available":true,"data":null}},"time_used":713,"timings":{"blocked":303,"dns":14,"connect":92,"send":0,"wait":100,"receive":5,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","date":"2025-12-28T20:21:04.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:05:50 GMT","end":"Thu, 05 Feb 2026 05:05:47 GMT"},"fingerprint":{"sha1":"CE:AE:8E:FE:2A:86:03:2B:16:43:FF:98:36:53:B2:ED:10:BF:FD:23","sha256":"95:CB:A8:7B:9C:88:98:F1:EF:D6:C9:79:E1:98:63:76:71:B7:BD:E2:89:6D:CD:55:61:DB:C0:4E:B1:1E:67:F7"}}},"request":{"raw":"GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deepcathink.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 9b53c30e6d21b51b-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"5869c96cc8f19086aee625d670d741f9\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:00 GMT\r\ncdn-cachedat: 05/12/2025 11:50:50\r\ncdn-proxyver: 1.27\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1047\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: b1b9160e81bab8e089937fec86a3f9ec\r\ncdn-cache: HIT\r\nage: 1740982\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37045,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32033)","md5":"5869c96cc8f19086aee625d670d741f9","sha1":"430a443d74830fe9be26efca431f448c1b3740f9","sha256":"53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef","sha512":"8b3b64a1bb2f9e329f02d4cd7479065630184ebaed942ee61a9ff9e1ce34c28c0eecb854458977815cf3704a8697fa8a5d096d2761f032b74b70d51da3e37f45","ssdeep":"768:o2rGy27UwlNqMl95qNmCFejhqs8snmi+CSFXfbx8Gf3Zq7Q:Jg73zhq0GvbJ3ZKQ","tlshash":"b6f28606b23031a147efb1e1525b020e7239696ee906907c78b99af53db9c48717bf3d","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-05-22T17:07:11.125569Z","times_seen":87564,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":15,"dns":2,"connect":1,"send":0,"wait":16,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"deepcathink.com/js/aclib.js","fqdn":"deepcathink.com","domain":"deepcathink.com","tld":"com"},"ip":{"addr":"104.21.12.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","date":"2025-12-28T20:21:04.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"deepcathink.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 06:30:11 GMT","end":"Sun, 08 Mar 2026 07:27:57 GMT"},"fingerprint":{"sha1":"23:BA:CC:FC:CF:47:57:92:14:AD:6C:85:6A:1C:E7:34:D5:53:6C:71","sha256":"0C:D0:9A:9E:16:52:5E:9D:D4:65:77:C0:BB:A4:B5:29:4E:7D:A1:05:F5:14:E7:E6:05:30:94:EA:EF:61:EC:A8"}}},"request":{"raw":"GET /js/aclib.js HTTP/1.1\r\nHost: deepcathink.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Dec 2025 20:00:02 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69518c42-956c8\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gof5AKFq0MBNndCtnmwaOAm6b0tfaaommFJrDdB1u43w0YDUT89vewlD%2F5Whzi%2FWwC6XV9ENjh0L7hBzhRFWvm1rqfm4Lp8UwfmgORLjbw%3D%3D\"}]}\r\ncf-ray: 9b53c30e48be4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":612040,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"c013ff907791ef4866a3bdf9fd1fa2a2","sha1":"fb405098e78a768728804ae851af041bc3deed39","sha256":"c46cc4d4716e04b54768c1ffb1a1d8576faf91ab531743e4cd1b4a5f0d380b9e","sha512":"92ccd700cafee9f84e6983273cb9b3c54fc02fc155522a7d9a0250c441cd0677fbae35cd6c21f3f8b2c1c48326212ca66675d759eaa2e84d4725903f363ffacc","ssdeep":"12288:VdqeHntKnhYZiahM40lN0R5Jr9OnaYuqFFObnpe9AUTpKWZVfmuenM5xkr:VHtbhM40/0RRIZDFObnpe9AUTpKWZVar","tlshash":"32d4501837844587371b4ebb773ba5d1e40b38da7609488ff6087c65a1965a3fbe8332","first_seen":"2025-12-28T20:21:30.775316Z","last_seen":"2025-12-28T20:21:30.775316Z","times_seen":1,"resource_available":false,"data":null}},"time_used":650,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":366,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/6e/e8/bb/6ee8bbd47df94580c59d30192b3e3986/1755792846.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:04.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/6e/e8/bb/6ee8bbd47df94580c59d30192b3e3986/1755792846.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 56175\r\nserver: nginx/1.21.6\r\nlast-modified: Thu, 21 Aug 2025 16:14:06 GMT\r\netag: \"68a745ce-db6f\"\r\nexpires: Tue, 30 Dec 2025 20:21:04 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56175,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2023:02:16 18:27:24], baseline, precision 8, 728x90, components 3","md5":"234d080e0ed545d0eb9da1f326943a46","sha1":"483c3e817fcad049e3b46fa237cc4330056c96f4","sha256":"7c3e30925daff2cfb25cf7187dbbb2fa91ded312be5252b9d8f584f21053d4fb","sha512":"6837094e4cb540b6e1970f2b60dcf8282b595fe7ba8c821f261be1d5af7d2c7c58f1395e454ac65d76d463e3da7f36d87863aacb9b8c596f5c1bd7048dfc351a","ssdeep":"768:ZoWOiWoWE3UfIu2Y6I2tbbGJ2tAtA0vQuxfydBAB8ZCrU8htqmEZUZdVv3qrqy4G:Zo/ozk/E8JZtA0Po2VbGm3Vv3dtiXni8","tlshash":"5043ad257a608e51e8c8353a81fcd856e3f30ed45e37a78e7fac5e043f649498c98297","first_seen":"2023-11-28T04:56:50Z","last_seen":"2026-05-19T08:00:14.354481Z","times_seen":317,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":50,"dns":1,"connect":20,"send":0,"wait":40,"receive":13,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/781cfdb4acd53abd3de7fdeb77c533a4/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:02.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 22:06:14 GMT","end":"Mon, 09 Mar 2026 22:06:13 GMT"},"fingerprint":{"sha1":"FF:6C:F9:E0:24:86:DF:99:47:19:6C:03:2B:17:E7:3B:21:C6:76:11","sha256":"7D:B7:58:57:35:4C:C8:CB:D1:EC:C1:9D:A7:81:D0:9A:64:F9:9A:AD:FF:AB:A6:C6:0B:D3:97:CC:AE:D6:5E:A2"}}},"request":{"raw":"GET /781cfdb4acd53abd3de7fdeb77c533a4/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:03 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18503\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b30d12591f12ebab642d0b16a7eeeb7b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46311,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46311), with no line terminators","md5":"8db5683da256d1ad453602cbe0e4e2c7","sha1":"e71a06831f3ace38eff397e542d79ae50b310b5b","sha256":"e2313c06fdfddaff0d42991fb6ab39fdd6fac188e6979794385d98b975226459","sha512":"79aab03e479247fbf657cf1c83d620d1d19d17025b1a39e0509207bc358909d37f45e02aaca9d2f44e9836513eec80fbed21b315febdf6f48a34f12c70439308","ssdeep":"768:dB2Ee/5+sNKlKMHLQTwkf0R6sYeLvLoK12G6FYc0CX8C:dB2Em+aMHLQTwkf0bLDLoK12tFYNKB","tlshash":"b223fa5dbf92f006165f70b7372fa106b15a8c19280cd88cfa07fda46d68f05e837aa4","first_seen":"2025-12-28T20:21:30.776623Z","last_seen":"2026-01-03T15:16:22.917881Z","times_seen":2,"resource_available":true,"data":null}},"time_used":800,"timings":{"blocked":303,"dns":15,"connect":93,"send":0,"wait":100,"receive":93,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-1.11.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","date":"2025-12-28T20:21:04.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-1.11.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deepcathink.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1787d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\nage: 4162470\r\nx-served-by: cache-lga21931-LGA, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 7961, 34926\r\nx-timer: S1766953264.447939,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 33357\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":96381,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32341)","md5":"8fc25e27d42774aeae6edbc0a18b72aa","sha1":"b66ed708717bf0b4a005a4d0113af8843ef3b8ff","sha256":"b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682","sha512":"87d90a665c15d71ac872bd8bc003d9863964c7ec7ada6370b902b93c0bbd7770fe25730d946c7c6a465baa95efa74bc0e78af3f83aea615af35060cc8702a6c1","ssdeep":"1536:EPpEy5BMibZGOj/bEe8v+/UWf4IhvAuCh/jqkODZ2D5N9Rag0MOIdSZAgtgoX5Yn:bIO/e2D5c4LgtImLja98HrK","tlshash":"cc93e8d9b6d2706297b730a851bf510bb17698eab80c4c60f058d8e47eb4e8d507bf2d","first_seen":"2023-03-07T01:02:10Z","last_seen":"2026-05-22T17:32:21.987163Z","times_seen":27403,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":70,"dns":4,"connect":33,"send":0,"wait":25,"receive":2,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"deepcathink.com/css/site.css","fqdn":"deepcathink.com","domain":"deepcathink.com","tld":"com"},"ip":{"addr":"104.21.12.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","date":"2025-12-28T20:21:04.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"deepcathink.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 06:30:11 GMT","end":"Sun, 08 Mar 2026 07:27:57 GMT"},"fingerprint":{"sha1":"23:BA:CC:FC:CF:47:57:92:14:AD:6C:85:6A:1C:E7:34:D5:53:6C:71","sha256":"0C:D0:9A:9E:16:52:5E:9D:D4:65:77:C0:BB:A4:B5:29:4E:7D:A1:05:F5:14:E7:E6:05:30:94:EA:EF:61:EC:A8"}}},"request":{"raw":"GET /css/site.css HTTP/1.1\r\nHost: deepcathink.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Fri, 29 Oct 2021 09:54:42 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nage: 3597\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"617bc4e2-c7\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Mc2tfimHOcpdqegfKJy4WNLjMgCGKFNFeQsN0igD%2FZEtIkTCMDMkrJ3DmIeEssulvTW7VasOp0TzyOvOkp5Apn7F2Ayxn5Aufmm%2BP%2BptTA%3D%3D\"}]}\r\ncf-ray: 9b53c30e48bb4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":199,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1885af8db9c4146e96aa1096f748151c","sha1":"36f66795c3d8a969ff1e75866db00b727c9f8c26","sha256":"2e7930ddd6ef35ae7416215de492de89a3518769259c1606b9f719c44236c5ae","sha512":"931101e69f878e026443955087cc15a6ff8a4911f0c68f4fc8260f8e675dc9c9dd926eba99a81b3a61cdf2c651576dbd2eaa8666012a114df85f1cc9c1ffc7e5","ssdeep":"","tlshash":"2dd02350b955450538164884a447537773d9501304458ff815b7705c1d4919414b015c","first_seen":"2023-07-22T16:15:08Z","last_seen":"2026-03-19T21:40:26.462434Z","times_seen":181,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","date":"2025-12-28T20:21:04.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /clappr.level-selector/latest/level-selector.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deepcathink.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\nage: 1091321\r\nx-served-by: cache-fra-eddf8230160-FRA, cache-hel1410023-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 3046\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9508,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (6153)","md5":"166bbe11bb8dd332f6fbcf8fe9ec30cf","sha1":"f42c73e6e89201ccf5ad513915bb4182ec3a410c","sha256":"23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9","sha512":"f5694e9d247c89e882b979b29eb7a4fd737e118918fcf2fa3475832ade0327e38b83162ba29b45d449f5f9d92227c04fc4e75eaf5bfa9c7b340d648d52864a51","ssdeep":"96:3nEgYzrO8y23l+qr1D+UR7OUx0ibFyYdAG5b0mpb3IJ1GiKz3Ff:3w/O0lFDR7OUfbFywbmJQiKz3B","tlshash":"4b12a43cbac56d718697905a081f21c5b036bade2080e0dc7d7efbe21dec84d2567a76","first_seen":"2023-03-07T01:03:42Z","last_seen":"2026-05-07T19:02:29.7039Z","times_seen":405,"resource_available":true,"data":null}},"time_used":410,"timings":{"blocked":187,"dns":7,"connect":18,"send":0,"wait":14,"receive":0,"ssl":177},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easybugz.site/soccer5/player/36.php","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-28T20:21:02.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"easybugz.site","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 08 Nov 2025 12:33:35 GMT","end":"Fri, 06 Feb 2026 12:33:34 GMT"},"fingerprint":{"sha1":"FE:6B:1A:DF:61:78:25:17:27:50:6B:68:E8:45:E8:90:CB:56:E6:9D","sha256":"85:51:CE:47:98:6C:CB:0B:E5:26:9B:62:82:E5:1B:76:B7:1D:0E:0A:E6:A0:A0:43:14:32:E8:BE:0D:8A:B0:4F"}}},"request":{"raw":"GET /soccer5/player/36.php HTTP/1.1\r\nHost: easybugz.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/8.3.23\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 333\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ndate: Sun, 28 Dec 2025 20:21:02 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.3.23","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":787,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"6d76285e2de2d99e06334e2a8e1d3ea2","sha1":"ec816390550a31d1152e8a8f3ead026b44719ff0","sha256":"ca0c5b3518a9ef16bbacdf88f11182e2298aea3f6700c6f360332638f127b9be","sha512":"2402928d72faf118bed0d8feec441831875f9b19a6ba3af6a274e4b9c74673411d748a4206909f9fbb0662233efaad38abb2817f9c1bceeeb43371d9ddf5bc0b","ssdeep":"","tlshash":"6e01686fee86f12604d7582c5076a28c95a0801bd524cd0475eda4639f987e90c92bad","first_seen":"2025-12-28T20:21:30.779036Z","last_seen":"2025-12-28T20:21:30.779036Z","times_seen":1,"resource_available":false,"data":null}},"time_used":424,"timings":{"blocked":201,"dns":154,"connect":16,"send":0,"wait":20,"receive":1,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"easybugz.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"63.182.60.117","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:03.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://easybugz.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Dec 2025 20:21:03 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://easybugz.site\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=715450b4-2a21-42d2-a217-ce3ac8493c8e:2:1; expires=Wed, 26 Dec 2035 20:21:03 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"55fcdfbbdc4bd57c8682b5367355a94f","sha1":"2fb33e1945502ab17dca3d3070eff209a7a464a6","sha256":"764ab647419c18a82d490e2c10542dc017973f8490dda05c4bbd6ecf5ece7e04","sha512":"66cac7003a501825be53898cce9d595449916df7489458f09a2926dccff995099ece1c913c87b3cc826523abed533a618f34228a06a40bd3d98a01f3d904fb5e","ssdeep":"","tlshash":"78900434011f501ddff44440330c04cc11134d1713d471043cc0d0c57511c10115d434","first_seen":"2025-12-28T20:21:30.773958Z","last_seen":"2025-12-28T20:21:30.773958Z","times_seen":1,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/watch.1683966096110.js?key=781cfdb4acd53abd3de7fdeb77c533a4\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=46a6f9e9-6a7c-4a87-ba48-1fa9da54b308%3A2%3A1\u0026shu=99c5caeab5ca05a9767e6c233f89579735f563d885a9ebf3167144c234691459a9b9cb14693ab264139bfb779911688171a61dae132934420e158f99f001dcbb6eb649800a960628508e8a3484970b0173cdfc4d9b1b560d654e\u0026pst=1766953324\u0026rmtc=t","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:04.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /watch.1683966096110.js?key=781cfdb4acd53abd3de7fdeb77c533a4\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=46a6f9e9-6a7c-4a87-ba48-1fa9da54b308%3A2%3A1\u0026shu=99c5caeab5ca05a9767e6c233f89579735f563d885a9ebf3167144c234691459a9b9cb14693ab264139bfb779911688171a61dae132934420e158f99f001dcbb6eb649800a960628508e8a3484970b0173cdfc4d9b1b560d654e\u0026pst=1766953324\u0026rmtc=t HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://easybugz.site\r\nReferer: https://easybugz.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzY3OTg0OSwiayI6Ijc4MWNmZGI0YWNkNTNhYmQzZGU3ZmRlYjc3YzUzM2E0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MzI5NTAxLCJwaWQiOjM5NzY0NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyMywicHQiOjQsInBrIjoiZWVjMG5uMzV1dSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL2Vhc3lidWd6LnNpdGUvc29jY2VyNS9wbGF5ZXIvMzYucGhwIiwidHoiOjEsImFyIjpbXX19.JogKoX6ZVKslU4cye6vyCobW2h13d-pVHpReJAmKCxA\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:04 GMT\r\nContent-Type: text/html\r\nContent-Length: 3298\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://easybugz.site\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=46a6f9e9-6a7c-4a87-ba48-1fa9da54b308:2:1; expires=Sun, 04 Jan 2026 20:21:04 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Mon, 29 Dec 2025 20:21:04 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 29 Dec 2025 20:21:04 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Mon, 29 Dec 2025 20:21:04 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Mon, 29 Dec 2025 20:21:04 GMT; path=/; secure; SameSite=None\nu_pl27679849=1; expires=Mon, 29 Dec 2025 20:21:04 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 63\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 707a5390faef7d6aa200949de23129a1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4751,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3875)","md5":"3040498af0ddb2a36c23cdd17d46bbd0","sha1":"882c6c2ca210cbf9749f8bd3cfb0345c2b7dfd89","sha256":"e733fd73c0414ebf1269fc0f2b87be75444b18f8cf73046c2a4a3849f56a08c6","sha512":"9346f45ba89565066a3737591f1ebf76a12a65c29c08cc27b8a86a1663dc7a195e082c7223e275c071a433300f0e4fc10e3b3cd5233678835c03633963e3c601","ssdeep":"96:QNYFozlfRxdlhKgIeTJKZwqi8pB5CRk/PlAB/oLVdYVaSV81ZDcCfMEDaH:AzLlhKteTJQpPCRknlAyYVaSiVcCkCaH","tlshash":"bca119799ec49578287270ef1473e4246c61920b2905fd82f49cf64a6f70bf21e7ae4c","first_seen":"2025-12-28T20:21:30.779788Z","last_seen":"2025-12-28T20:21:30.779788Z","times_seen":1,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":158,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"63.182.60.117","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:03.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://easybugz.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Dec 2025 20:21:03 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://easybugz.site\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=46a6f9e9-6a7c-4a87-ba48-1fa9da54b308:2:1; expires=Wed, 26 Dec 2035 20:21:03 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"a47f62e98f69e021ac18b4014e41a377","sha1":"061d6947a07e68f0fed597422cd8d04cab81ff71","sha256":"f5bd93b9ff53a396b43e19b6f919498f195ac4e12add16997699ec347a60a705","sha512":"e640b7f34411b39b0e15d7aa62b039db3e1fb6f1735962de96eb0d26e2b5b5674aa29dc23193f40a6131c1f1caf405b90d240b913b6bff0d55ff454d7d6289f5","ssdeep":"","tlshash":"b1900405747510d0570350541c543040c0d00515c7104c3d1d00f3c7d7c55000f54474","first_seen":"2025-12-28T20:21:30.78068Z","last_seen":"2025-12-28T20:21:30.78068Z","times_seen":1,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":148,"dns":34,"connect":21,"send":0,"wait":21,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/watch.363212471143.js?key=88358e57c76702c177775242b8463ab2\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=715450b4-2a21-42d2-a217-ce3ac8493c8e%3A2%3A1","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:03.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 00:22:29 GMT","end":"Wed, 28 Jan 2026 00:22:28 GMT"},"fingerprint":{"sha1":"AA:F8:F2:CD:8F:90:E0:34:26:52:5F:28:83:02:25:29:22:DE:BB:79","sha256":"E5:C6:96:84:40:94:64:CB:57:23:67:51:0E:0F:27:85:86:63:98:09:63:88:91:67:0A:01:DC:33:5A:53:16:A6"}}},"request":{"raw":"GET /watch.363212471143.js?key=88358e57c76702c177775242b8463ab2\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=715450b4-2a21-42d2-a217-ce3ac8493c8e%3A2%3A1 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://easybugz.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:04 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://easybugz.site\r\naccess-control-allow-credentials: true\r\nlocation: https://sourshaped.com/watch.363212471143.js?key=88358e57c76702c177775242b8463ab2\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Feasybugz.site%2Fsoccer5%2Fplayer%2F36.php\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=715450b4-2a21-42d2-a217-ce3ac8493c8e%3A2%3A1\u0026shu=88188b7221a5ee71563318c1deeb083dd2ad96f4702377065372dce08391f8576b3eb5ed83f4508c086b1ada0e1895ae84d66a8075a9b428a81b63a5bea15d2ffc6a752b3991c21c011296a00e4308c26732cacb321539b460c6d0\u0026pst=1766953324\u0026rmtc=t\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzY3OTg3NywiayI6Ijg4MzU4ZTU3Yzc2NzAyYzE3Nzc3NTI0MmI4NDYzYWIyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MzI5NTAxLCJwaWQiOjM5NzY0NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyNywicHQiOjQsInBrIjoibmh0Z3J0d3YyciIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL2Vhc3lidWd6LnNpdGUvc29jY2VyNS9wbGF5ZXIvMzYucGhwIiwidHoiOjEsImFyIjpbXX19.yigjsKLztdE8YuQuoAmuTD4HpXxiVXG7DIQTnck6hHM; expires=Sun, 28 Dec 2025 20:22:04 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9634de98b6d49ed9951d50b6422c5502\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4587,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-22T17:19:51.364304Z","times_seen":15564649,"resource_available":true,"data":null}},"time_used":656,"timings":{"blocked":276,"dns":2,"connect":92,"send":0,"wait":96,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","fqdn":"deepcathink.com","domain":"deepcathink.com","tld":"com"},"ip":{"addr":"104.21.12.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://techydeals.store/iframe/36.php","date":"2025-12-28T20:21:03.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"deepcathink.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 06:30:11 GMT","end":"Sun, 08 Mar 2026 07:27:57 GMT"},"fingerprint":{"sha1":"23:BA:CC:FC:CF:47:57:92:14:AD:6C:85:6A:1C:E7:34:D5:53:6C:71","sha256":"0C:D0:9A:9E:16:52:5E:9D:D4:65:77:C0:BB:A4:B5:29:4E:7D:A1:05:F5:14:E7:E6:05:30:94:EA:EF:61:EC:A8"}}},"request":{"raw":"GET /embed.php?player=desktop\u0026live=bbeinusapop23 HTTP/1.1\r\nHost: deepcathink.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://techydeals.store/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TyFeJ2izaQiFKx4SqdUdO3kodfTot%2BK39AW%2Br7yTE7LJbpTC7KTeBi8D7OYHQgX3dh9o%2FK3Ol1K2hddUGUFTLqeMB1zZgqorK40Ajeyftw%3D%3D\"}]}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/8.1.30\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b53c30bc8784e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"BootstrapCDN:3.3.7","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"Bootstrap:3.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.1.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"jQuery:3.2.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":8714,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1204)","md5":"232047ff6fdc4190e8a0867ef826e3eb","sha1":"53b7640f93b43dc2a9083699f51d593be9a6c1b6","sha256":"b8a6a6bcbc7a20d6fcef40cbac7d834faedf70975408a024b282300c65fe88e8","sha512":"7dd28c4b1c4e78cf2d9cd584a822ab84c0b665204dfa5b521afb6d7407f43f56425d459f53679c6abfbd9e31c6302942601fa60d5145dd924e2bed3e8c0c063f","ssdeep":"192:1Pz7gHdHCNVr/hXhFrC8emKfBWWKW3iHSeAIsHSywUJbag4ejCb:1bGCrpXhFrumU9yywUJbag49","tlshash":"7702950bce7745291423e0ac85ffa21c30bd013bb701c9abb9adf1784f9e29664755d8","first_seen":"2025-12-28T20:21:30.781488Z","last_seen":"2025-12-28T20:21:30.781488Z","times_seen":1,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://techydeals.store/iframe/36.php","date":"2025-12-28T20:21:04.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:40:35 GMT","end":"Tue, 27 Jan 2026 23:40:34 GMT"},"fingerprint":{"sha1":"AA:22:33:AC:0A:FC:0D:31:C5:9F:92:99:20:7A:02:E4:46:E3:08:8C","sha256":"72:5A:79:00:74:D1:90:EF:9A:D3:3F:01:E6:E5:14:1D:41:4F:F2:28:D3:FD:4C:AA:70:DE:D8:BE:C2:15:3F:EE"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://techydeals.store/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:04 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8fa4ef31fde78495a56946a9a1b13d25\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-22T17:13:44.269022Z","times_seen":16658,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":10,"dns":2,"connect":18,"send":0,"wait":26,"receive":18,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waust.at/s.js","fqdn":"waust.at","domain":"waust.at","tld":"at"},"ip":{"addr":"104.26.5.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:02.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waust.at","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Dec 2025 19:37:15 GMT","end":"Sun, 15 Mar 2026 20:37:11 GMT"},"fingerprint":{"sha1":"65:98:57:1D:D0:E1:C6:FD:D4:EA:FE:DC:DD:B7:64:B6:6F:BC:2D:3E","sha256":"73:94:A9:0B:3C:AC:A5:A2:4B:D1:6F:F3:A7:32:53:C1:6F:62:A5:D7:51:1D:50:84:CB:3B:AB:DB:1B:B3:78:23"}}},"request":{"raw":"GET /s.js HTTP/1.1\r\nHost: waust.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Dec 2025 20:21:02 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Wed, 17 Dec 2025 22:03:15 GMT\r\netag: W/\"694328a3-1c76\"\r\nexpires: Mon, 29 Dec 2025 20:09:40 GMT\r\ncache-control: max-age=86400\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 682\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xRoWzFT%2B9I6I9tgqp7c8xdhp3yJasBbsI8yDQvVVXn6EV06MrJZ3%2BH79xsxhDgi2hMu8VGAuHnqDwBk6T4ojpL3NhH131pU%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9b53c305892a1a30-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7286,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (7286), with no line terminators","md5":"7e1800d35725cb510d6ca600677a9669","sha1":"e4ba00dd620d7a4531a6a954c51b5d801f78520c","sha256":"d03635e64afffd465cd2c59e0bc850fecde2aa979e55240e4737094633f50391","sha512":"b5c00c9106750dec2b23e6207f49efeb62825c39b148f849015ae30453f1c76cc1c649083062b1d9e32214cad4a8f6249373ab17f92d662326350f004adb6c1d","ssdeep":"96:tLN7NgmG8j2svNuYMTX080ORDvckw9AVDx+llB9RmSK29tCq0jjaNrTBq92n/rQl:l94B70AjPVDx+9Rml29NBm2/MVpd","tlshash":"26e1c7b5325314b65ff650a5606f7345b831517b6f479001809e84b836acf0b91eaff7","first_seen":"2025-11-28T23:48:30.367069Z","last_seen":"2026-05-22T17:07:03.44545Z","times_seen":1129,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":29,"dns":3,"connect":1,"send":0,"wait":5,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"waust.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"waust.at","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.highperformanceformat.com/88358e57c76702c177775242b8463ab2/invoke.js","fqdn":"www.highperformanceformat.com","domain":"highperformanceformat.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:03.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"highperformanceformat.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 22:06:14 GMT","end":"Mon, 09 Mar 2026 22:06:13 GMT"},"fingerprint":{"sha1":"FF:6C:F9:E0:24:86:DF:99:47:19:6C:03:2B:17:E7:3B:21:C6:76:11","sha256":"7D:B7:58:57:35:4C:C8:CB:D1:EC:C1:9D:A7:81:D0:9A:64:F9:9A:AD:FF:AB:A6:C6:0B:D3:97:CC:AE:D6:5E:A2"}}},"request":{"raw":"GET /88358e57c76702c177775242b8463ab2/invoke.js HTTP/1.1\r\nHost: www.highperformanceformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:03 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18516\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: www.highperformanceformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cabb32b6923d7278b8ebed238e002e60\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46263,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46263), with no line terminators","md5":"f669d701600e2506e4defb9d075a4902","sha1":"ad1a12ccfd1c8fd783c8735e4cc232019f53197d","sha256":"8b224d5b25a984b5ed41c5c52161b487c06d19660abc311a8f58b29a6be8f016","sha512":"a52190b7c6c4dd3351fc8b2636104e2d7497321856ad49e2588bac2d473712fa28ad30462def096a0c49477b2adc11149d8482fcb3912fafb186dd24f617dbae","ssdeep":"768:dB2EL/5+sNKlKMHLQTwkf0R6sYeLvLoK12G6FYc0Cbjf:dB2EV+aMHLQTwkf0bLDLoK12tFYNK7","tlshash":"a723fa5dbf92f006165f70b7376fa106b11a8c19680cd89cfa07fda46d68f05e837aa4","first_seen":"2025-12-28T20:21:30.783413Z","last_seen":"2026-01-03T15:16:23.779496Z","times_seen":2,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"www.highperformanceformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","date":"2025-12-28T20:21:04.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /ajax/libs/jquery/3.2.0/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deepcathink.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30281\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 24 Dec 2025 20:12:25 GMT\r\nexpires: Thu, 24 Dec 2026 20:12:25 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 346119\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86596,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32033)","md5":"d4162c9d7e520a5de05001be6e741899","sha1":"0baf29230047c9cd896f14c59618c9948ea79451","sha256":"2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2","sha512":"b2e52d48f92a62615de4bb37d0dcfa6e30d7f9309c7c4ce115faa38a37dd820b1a159a3296f4e3fb6a1d073b21b344c2c18ad866141e0a01e024492771bd9855","ssdeep":"1536:+NhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4cAj2ll/ckaXEy6n15HZ+FhFcQDs:Axc2yjxAj2QA/kcQDU8Cuu","tlshash":"f883e6d9b2c670629b7730b850bf410bb17a98dab44c8c60f158d9d47db8a8d907bf2c","first_seen":"2023-03-07T12:01:55Z","last_seen":"2026-05-22T15:58:40.585522Z","times_seen":2452,"resource_available":true,"data":null}},"time_used":489,"timings":{"blocked":226,"dns":1,"connect":8,"send":0,"wait":9,"receive":10,"ssl":231},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"deepcathink.com/blast.js","fqdn":"deepcathink.com","domain":"deepcathink.com","tld":"com"},"ip":{"addr":"104.21.12.206","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","date":"2025-12-28T20:21:04.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"deepcathink.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Dec 2025 06:30:11 GMT","end":"Sun, 08 Mar 2026 07:27:57 GMT"},"fingerprint":{"sha1":"23:BA:CC:FC:CF:47:57:92:14:AD:6C:85:6A:1C:E7:34:D5:53:6C:71","sha256":"0C:D0:9A:9E:16:52:5E:9D:D4:65:77:C0:BB:A4:B5:29:4E:7D:A1:05:F5:14:E7:E6:05:30:94:EA:EF:61:EC:A8"}}},"request":{"raw":"GET /blast.js HTTP/1.1\r\nHost: deepcathink.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 08 Oct 2022 23:56:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"63420e24-13040\"\r\ncontent-encoding: gzip\r\nage: 3597\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cDlXzrfEDsOKw7BHTEBM6N7U1UoEGcmNqS%2Bs2T3bmRFOZKlNblz%2Fsq81%2FxnFrzHcH0oYACnEbGoXeNExyCGCvY5dx15UbiQ8CzecpRHcYg%3D%3D\"}]}\r\ncf-ray: 9b53c30e48bd4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77888,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"091faec928970e76d37a3601c19fcf8a","sha1":"6441e8eebe90eb8d4a40e7c25440ff99caba3520","sha256":"eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12","sha512":"0065b4e5167b85abb85d4af6be22853d1ea16e9c0d5420173f356dd7a980374487405d8561a4a5df32dd68d2956af6c7a3f099776994e2cf6a3b0eb8df1c3277","ssdeep":"1536:HnyiwA6dLK4I7T8IVCJ0Xiyu/lpvd7TN8+Prp2s:HnyiwFLzI7AeSymrpTNZrpN","tlshash":"16732ec177d5bc8212872b77731bb1e6e82a9dd87188488ef104bc90f4bda12fae4575","first_seen":"2023-03-08T14:53:38Z","last_seen":"2026-05-22T02:07:58.720707Z","times_seen":1593,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@swarmcloud/hls/p2p-engine.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://deepcathink.com/embed.php?player=desktop\u0026live=bbeinusapop23","date":"2025-12-28T20:21:04.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/@swarmcloud/hls/p2p-engine.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://deepcathink.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 2.17.8\r\nx-jsd-version-type: version\r\netag: W/\"3269b-mGn20NYMYYYLUaqdIlFJnaqoNt0\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\nage: 5323\r\nx-served-by: cache-fra-etou8220035-FRA, cache-hel1410023-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 63600\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":206491,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"fdddb95edbd8ed05d98504cb13ae9eb1","sha1":"9869f6d0d60c61860b51aa9d2251499daaa836dd","sha256":"9fb01ecde5b4a4d1fac2a71920c7fb517ad1131474e69ee069605f3e13e8d535","sha512":"eb2e722c49de16974d10163b95c36e4ca2c482fcd1f37561858e759a9e4b476b37ae0b9fc2553f4033f83b987938cc6faad098e22332ccb9cae26aa793bbec69","ssdeep":"3072:8+npWEd0Z6R/qTiGKbfUbMGySYqJywppR3VguQ0GRPhN:jpYZ4wA4XJFpR3VgukRPhN","tlshash":"14142bd6739a902383c595e694740303b335a58e3848c06cb66cbddfad2ee89b476f74","first_seen":"2025-12-17T15:21:21.291319Z","last_seen":"2026-05-09T02:46:27.758223Z","times_seen":95,"resource_available":true,"data":null}},"time_used":477,"timings":{"blocked":207,"dns":8,"connect":36,"send":0,"wait":32,"receive":11,"ssl":177},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/2e/19/1d/2e191d53c2bed4aeafab0847c1e21463/1708270519.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:04.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/2e/19/1d/2e191d53c2bed4aeafab0847c1e21463/1708270519.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 50834\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 18 Feb 2024 15:35:28 GMT\r\netag: \"65d223c0-c692\"\r\nexpires: Tue, 30 Dec 2025 20:21:04 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50834,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 15:38:41], progressive, precision 8, 468x60, components 3","md5":"9b75700732356a734073ed1778b4f0a3","sha1":"53399882ffce5a7af77c0795e3388407f4a8ad23","sha256":"1e9b1cfc21ebb604ec64674390ffeaa01f9daf0c7848e7a8c9942547b140df7d","sha512":"965bfddc9de1fa8fb4b467100d755b23946423bae949dd8935c1a1a46cfe46e04fd6b0f208350696aa434ada1e79181567864647f4a17cc7a70137cd02dfe61f","ssdeep":"768:1vjixvOURllJgib4OBpcGQj9xAZqRGahDKavQ0LUXqm03dGDwalRK:1CmURlXlG9e0waVKt0LuR03EzlU","tlshash":"7933e09fbbd2dd82fcd459346aede68a13167e88a753aa103c9d34463b74ba00c24385","first_seen":"2024-02-20T18:03:35Z","last_seen":"2026-05-20T19:01:25.462478Z","times_seen":377,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":47,"dns":57,"connect":19,"send":0,"wait":40,"receive":21,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/impr.gif?sid=H4sIAAAAAAAC_1STvW8dxRrGZ50ozS2i3FzdW9zmSFCAhI9ndmY_hhQIE4IiTD6coBSQYr7WHrxnZ5nZPeu4CkRCkWicjnL9HicWECFAtEjRMV0kpBwqF3HDn4CUggodx5LhLd6P-U3xvKNnvthpDxGFVhxc-8Bt2bIUS8kQD167ZSvtujC4cnNA8BBfGNyyVcouDDbnyY_fJJQN8euD94zacEsxJhgTTAaXrDeF21w6omDrx5wMOR6yeEgSBpv-n3NoIwgiAj0-RP8Gq2dnfy8-AqumUI2-v2jCRuPqN94dtaVonIex3vuw2qhcV8HopC18BEW1d3wbXJgh9NUCuGrveANw4935BiDtDC389znIau9YJsjxw5dKZQmmAqn_Bd14CqbcByumoNw9sPoZAlAarlyFavToivOduPOSijmdodMv_gDbzdDp5_-BavTdcmk3Bzdc2TbWVQE2ix7s5hTs2hTqdh-arQhstw-q-Rys_hUtvViBarR7NZQOrD54laUiLbjhi6nI1CITebYoBcsXSSG4FgmTFOdHT2SLKYiwAG2IoLURtEUEbR3BSB8MGM6ZIoKmBdcqw0wwpo3EPI8xFlxl0KrPwOptUP4u1P4ubNgHMxSdrcC3TyCsH_zEuUqUMEImSuBE8CzNTKpiSoucJxnPaFIkKdV5nghuZEFJmhHGVExZyglLuOCSK0lYyqmQccoI5bKQWcY5IWmek4yIlGhhCI05ZSzGhiR5wXmBMdFKytTIlPF8LjfFaZwnODe5oCxnPMMSk4wqXSimuSQySbFOE2Yg6AhCg2Cse-gMgi4g6ASCziLoGgTduH-oyxCH_pEuQyvJcY2PK-0nrlnbEQ9ds2YqBMJvg9f9rq0_DfdANacmW0XQEzdPQjb9REjd79SH6NzcCNGjjy1smINBlhNVaMmE0gkVUlNtskIbmWUqoVQwCLYHGxZAhAi27AxdX70NtZ2hM-dWQIp9COU-KHseRPs_EN0ki3MQ68AxbFU_-uG6KIvGjowfuqq0lQHteqib09DciXbKQ3R-snpz-cmRNW9_icGop-g4QPkeat_DJ_YXBGvl_cmq69DuqusC-uFq3diR3RJz295oRGPOfPO-udM5ry9fDNtfv63mYN4-vmlCsyIqbau1gL5dtlobf8l5ZdDPl8MtI6-1YX259VVbr1x759LlUe1NCNZVUxD22SsxKDtD5_cmRx-S_fl_UPVdCPWJyuAQyBpBaRGU5uRcyB7C32Z50u-E-7DmIxDNPahGPYx9D-OyB1FuQ2hPTZraP33rN3oUIMtoIkuPdmXp59weDApqYoVxnqWE5oUhlGlVJDnjOhWYUgNNmNnrD_BfAQAA__8kRHylLgUAAA==","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:04.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1STvW8dxRrGZ50ozS2i3FzdW9zmSFCAhI9ndmY_hhQIE4IiTD6coBSQYr7WHrxnZ5nZPeu4CkRCkWicjnL9HicWECFAtEjRMV0kpBwqF3HDn4CUggodx5LhLd6P-U3xvKNnvthpDxGFVhxc-8Bt2bIUS8kQD167ZSvtujC4cnNA8BBfGNyyVcouDDbnyY_fJJQN8euD94zacEsxJhgTTAaXrDeF21w6omDrx5wMOR6yeEgSBpv-n3NoIwgiAj0-RP8Gq2dnfy8-AqumUI2-v2jCRuPqN94dtaVonIex3vuw2qhcV8HopC18BEW1d3wbXJgh9NUCuGrveANw4935BiDtDC389znIau9YJsjxw5dKZQmmAqn_Bd14CqbcByumoNw9sPoZAlAarlyFavToivOduPOSijmdodMv_gDbzdDp5_-BavTdcmk3Bzdc2TbWVQE2ix7s5hTs2hTqdh-arQhstw-q-Rys_hUtvViBarR7NZQOrD54laUiLbjhi6nI1CITebYoBcsXSSG4FgmTFOdHT2SLKYiwAG2IoLURtEUEbR3BSB8MGM6ZIoKmBdcqw0wwpo3EPI8xFlxl0KrPwOptUP4u1P4ubNgHMxSdrcC3TyCsH_zEuUqUMEImSuBE8CzNTKpiSoucJxnPaFIkKdV5nghuZEFJmhHGVExZyglLuOCSK0lYyqmQccoI5bKQWcY5IWmek4yIlGhhCI05ZSzGhiR5wXmBMdFKytTIlPF8LjfFaZwnODe5oCxnPMMSk4wqXSimuSQySbFOE2Yg6AhCg2Cse-gMgi4g6ASCziLoGgTduH-oyxCH_pEuQyvJcY2PK-0nrlnbEQ9ds2YqBMJvg9f9rq0_DfdANacmW0XQEzdPQjb9REjd79SH6NzcCNGjjy1smINBlhNVaMmE0gkVUlNtskIbmWUqoVQwCLYHGxZAhAi27AxdX70NtZ2hM-dWQIp9COU-KHseRPs_EN0ki3MQ68AxbFU_-uG6KIvGjowfuqq0lQHteqib09DciXbKQ3R-snpz-cmRNW9_icGop-g4QPkeat_DJ_YXBGvl_cmq69DuqusC-uFq3diR3RJz295oRGPOfPO-udM5ry9fDNtfv63mYN4-vmlCsyIqbau1gL5dtlobf8l5ZdDPl8MtI6-1YX259VVbr1x759LlUe1NCNZVUxD22SsxKDtD5_cmRx-S_fl_UPVdCPWJyuAQyBpBaRGU5uRcyB7C32Z50u-E-7DmIxDNPahGPYx9D-OyB1FuQ2hPTZraP33rN3oUIMtoIkuPdmXp59weDApqYoVxnqWE5oUhlGlVJDnjOhWYUgNNmNnrD_BfAQAA__8kRHylLgUAAA== HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNzY3OTg0OSwiayI6Ijc4MWNmZGI0YWNkNTNhYmQzZGU3ZmRlYjc3YzUzM2E0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1MzI5NTAxLCJwaWQiOjM5NzY0NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyMywicHQiOjQsInBrIjoiZWVjMG5uMzV1dSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL2Vhc3lidWd6LnNpdGUvc29jY2VyNS9wbGF5ZXIvMzYucGhwIiwidHoiOjEsImFyIjpbXX19.JogKoX6ZVKslU4cye6vyCobW2h13d-pVHpReJAmKCxA; uid_id2=46a6f9e9-6a7c-4a87-ba48-1fa9da54b308:2:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl27679849=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:04 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4d8632fa3e0e22721270ca5ecc6efe5d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-22T17:19:51.364304Z","times_seen":15564649,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://techydeals.store/iframe/36.php","date":"2025-12-28T20:21:04.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:14:37 GMT","end":"Wed, 28 Jan 2026 01:14:36 GMT"},"fingerprint":{"sha1":"5A:67:AA:88:D5:BE:C4:00:42:86:CC:4E:FC:E7:73:FE:CB:85:71:60","sha256":"F5:6C:A4:39:AC:04:F6:11:7E:DB:94:93:4C:93:FC:EC:A2:B4:4E:A4:FE:19:8E:22:C0:D8:D4:84:67:37:70:C0"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://techydeals.store/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:04 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5013e8afc366f526c8af24d614e7228f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-22T17:19:51.364304Z","times_seen":15564649,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":36,"dns":1,"connect":18,"send":0,"wait":18,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybugz.site/bannerads.js","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:02.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"easybugz.site","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 08 Nov 2025 12:33:35 GMT","end":"Fri, 06 Feb 2026 12:33:34 GMT"},"fingerprint":{"sha1":"FE:6B:1A:DF:61:78:25:17:27:50:6B:68:E8:45:E8:90:CB:56:E6:9D","sha256":"85:51:CE:47:98:6C:CB:0B:E5:26:9B:62:82:E5:1B:76:B7:1D:0E:0A:E6:A0:A0:43:14:32:E8:BE:0D:8A:B0:4F"}}},"request":{"raw":"GET /bannerads.js HTTP/1.1\r\nHost: easybugz.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/soccer5/player/36.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 04 Jan 2026 20:21:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 04 Oct 2025 13:05:00 GMT\r\netag: \"2b7-68e11b7c-84ef398bc9945102;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 232\r\ndate: Sun, 28 Dec 2025 20:21:02 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":695,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"1972efb18561923059d7ffb8004acb91","sha1":"df08da8c77e7e073984dce18c629e6ac9f8b1399","sha256":"7d76bdc49f89b41ee4d890cf53f0caf4d29d0b6e343dc4da8dad73c8a5a7a77c","sha512":"c36546e51bcf9a322201b837d719251e79f5a470169200282cc1d93c4d5c64675d15eaec4e593ee5fa980b00c13f5b0bc98b294c3ce389383598d98360596e8b","ssdeep":"","tlshash":"c101996d5983f89090610cbfc05d41882a70a22be940ace13a7f96598fddd6d18a2e38","first_seen":"2025-11-09T15:29:37.014977Z","last_seen":"2026-01-03T15:16:23.295833Z","times_seen":9,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"easybugz.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"techydeals.store/text.js","fqdn":"techydeals.store","domain":"techydeals.store","tld":"store"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://techydeals.store/iframe/36.php","date":"2025-12-28T20:21:03.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.techydeals.store","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Dec 2025 01:20:33 GMT","end":"Thu, 05 Mar 2026 01:20:32 GMT"},"fingerprint":{"sha1":"D3:4D:C8:73:AE:61:64:09:7D:F7:A1:ED:5C:10:A2:D0:6C:41:19:3E","sha256":"F9:18:E0:E9:B4:EA:95:64:79:C5:99:92:E4:1A:98:87:BE:88:5C:F3:89:FB:60:47:D8:39:99:2C:9A:04:4E:B0"}}},"request":{"raw":"GET /text.js HTTP/1.1\r\nHost: techydeals.store\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://techydeals.store/iframe/36.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 04 Jan 2026 20:21:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 19 Nov 2025 11:58:52 GMT\r\netag: \"120-691db0fc-7090443d0eb588c0;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 162\r\ndate: Sun, 28 Dec 2025 20:21:03 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":288,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"af92809653b7ef69accc97384e14c33f","sha1":"67fb520fae6ae7858feb684f9d7316924b05d8b3","sha256":"453b1d8d659235e3885468044d5f264dfd67d631f6a3e5d5d1f8f763746de8a0","sha512":"ec08fc9c33882f1a49b6b4463b8586b01a870a27ba6e6c7f66437c15e7ad2637be9bc400e2b006baad60831148a8b513f6dc3a9397423670d83c845d5c65824b","ssdeep":"","tlshash":"cfd02b29cdf7e021055a1457a2bec26871a150b62614e40b68fccf5c5f60fe94c1de9d","first_seen":"2025-11-22T12:39:02.038672Z","last_seen":"2026-01-03T15:16:24.170839Z","times_seen":6,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pl27780335.effectivegatecpm.com/73/7d/3e/737d3edcc92abc8ffa2c1a1fead98229.js","fqdn":"pl27780335.effectivegatecpm.com","domain":"effectivegatecpm.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://techydeals.store/iframe/36.php","date":"2025-12-28T20:21:03.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"effectivegatecpm.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 06 Dec 2025 21:45:50 GMT","end":"Fri, 06 Mar 2026 21:45:49 GMT"},"fingerprint":{"sha1":"4D:1C:0D:DB:A3:77:74:26:85:B0:AD:E4:B7:D6:63:03:F7:70:5B:C1","sha256":"9A:F3:3F:D6:D1:0C:71:F9:29:9F:CD:B5:C6:5A:D8:DC:57:BB:69:1F:2D:12:B6:B9:74:23:CD:5A:2A:D3:FB:BE"}}},"request":{"raw":"GET /73/7d/3e/737d3edcc92abc8ffa2c1a1fead98229.js HTTP/1.1\r\nHost: pl27780335.effectivegatecpm.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://techydeals.store/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 28 Dec 2025 20:21:04 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38108\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: pl27780335.effectivegatecpm.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5c05615a70b0cc4a8f24fc2c1aa893cd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":106864,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"590f6685d4ae85323e5419dd53608fdc","sha1":"6302a1ec427a4d990a3edb7d929a29d22e412686","sha256":"f1faeb7cd141e3e055bf20778e779880ab96541a8e25e00314e2b96d3beda6a8","sha512":"c9e641ad7e21ee684a905d9b81a6e05f3523a9e93b5bb2bac9c5e82cc214b6b6b73a0d585c6e52f212d4e6a3ca640ed9e4f7fc55919e163632586a9e62516a94","ssdeep":"3072:Ekz17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGewsR:Ekzw194LwsR","tlshash":"aca3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","first_seen":"2025-12-28T20:21:30.787827Z","last_seen":"2025-12-31T20:44:29.610392Z","times_seen":2,"resource_available":true,"data":null}},"time_used":816,"timings":{"blocked":306,"dns":27,"connect":93,"send":0,"wait":101,"receive":97,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"pl27780335.effectivegatecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"pl27780335.effectivegatecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"pl27780335.effectivegatecpm.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"pl27780335.effectivegatecpm.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easybugz.site/favicon.ico","fqdn":"easybugz.site","domain":"easybugz.site","tld":"site"},"ip":{"addr":"193.108.130.21","port":443,"asn":965,"as":"WEBHOSTINGHOLDINGS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easybugz.site/soccer5/player/36.php","date":"2025-12-28T20:21:04.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"easybugz.site","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 08 Nov 2025 12:33:35 GMT","end":"Fri, 06 Feb 2026 12:33:34 GMT"},"fingerprint":{"sha1":"FE:6B:1A:DF:61:78:25:17:27:50:6B:68:E8:45:E8:90:CB:56:E6:9D","sha256":"85:51:CE:47:98:6C:CB:0B:E5:26:9B:62:82:E5:1B:76:B7:1D:0E:0A:E6:A0:A0:43:14:32:E8:BE:0D:8A:B0:4F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: easybugz.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easybugz.site/soccer5/player/36.php\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=715450b4-2a21-42d2-a217-ce3ac8493c8e%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html\r\ncontent-length: 240\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding,User-Agent\r\ndate: Sun, 28 Dec 2025 20:21:04 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":480,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"9daee27e4fb1c9f15fb6f2578cd27976","sha1":"a82cfa14d843a228c2f84e2c3306b86e02579151","sha256":"5325c7fed1bac48811f1eea78d9c0c54fbad8213de61b22368d4ece9a41b1ede","sha512":"9b34495515108a80e7f6f3bc851a5a19f6ef0e253668519d606ed662006e7f07f03b68be9dea23976d07b450951cdef8c37ba670424966390a708dcd6dab9978","ssdeep":"","tlshash":"65f0236ddc7719cf042330b539ca00ba861813ebc43a81fa3c02d920090043c53c02cf","first_seen":"2025-11-09T15:29:37.059292Z","last_seen":"2025-12-31T20:44:29.631117Z","times_seen":4,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"easybugz.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}