{"report_id":"c68714a3-c30f-4866-a5b6-f44f13c06289","version":6,"status":"done","tags":[],"date":"2025-10-05T14:44:12Z","url":{"schema":"http","addr":"www.rbtvplus.com/","fqdn":"www.rbtvplus.com","domain":"rbtvplus.com","tld":"com"},"ip":{"addr":"172.67.163.46","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"title":"FCTV33 live sports today"},"submit":{"url":{"schema":"http","addr":"www.rbtvplus.com/","fqdn":"www.rbtvplus.com","domain":"rbtvplus.com","tld":"com"},"ip":{"addr":"172.67.163.46","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-09T14:44:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"logos2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"apis-data-defra11.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"apis-data11.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-09-28T22:11:36.689828Z","alert_count":0,"request_count":5,"received_data":1926335,"sent_data":2227,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"statics2.tcgfs39a2.xyz","ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-29","domain_rank":0,"first_seen":"2025-10-05T14:44:14.421136Z","last_seen":"2025-10-05T14:44:14.421136Z","alert_count":35,"request_count":37,"received_data":2417373,"sent_data":16551,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"logos2.tcgfs39a2.xyz","ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-29","domain_rank":0,"first_seen":"2025-10-05T14:44:14.421983Z","last_seen":"2025-10-05T14:44:14.421983Z","alert_count":5,"request_count":5,"received_data":11569,"sent_data":2328,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"apis-data-defra11.tcgfs39a2.xyz","ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-29","domain_rank":0,"first_seen":"2025-10-05T14:44:14.422749Z","last_seen":"2025-10-05T14:44:14.422749Z","alert_count":7,"request_count":7,"received_data":143105,"sent_data":3823,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"apis-data11.tcgfs39a2.xyz","ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-29","domain_rank":0,"first_seen":"2025-10-05T14:44:14.425053Z","last_seen":"2025-10-05T14:44:14.425053Z","alert_count":3,"request_count":3,"received_data":22336,"sent_data":1474,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.rbtvplus.com","ip":{"addr":"104.21.50.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-09","domain_rank":0,"first_seen":"2025-08-24T17:47:02.316348Z","last_seen":"2025-09-22T13:17:26.735545Z","alert_count":0,"request_count":1,"received_data":69271,"sent_data":485,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.fctv33.buzz","ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-30","domain_rank":0,"first_seen":"2025-07-23T04:34:19.438329Z","last_seen":"2025-09-28T12:08:38.369513Z","alert_count":0,"request_count":2,"received_data":70777,"sent_data":902,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"804e11f9b3218dab8ce7d4b585cae851","sha1":"4477522526446b5052977f2125dd13e62f87a145","sha256":"63128412d26e85246e7fe349cce27410d1aa5b17d24713f72a5cd54301a1d553","sha512":"b89c10d1405a28fda7e983924f32f5ab94feb56fea6a4dfda923bce2330ce8d3c841975e530fec22e1299cb18e57fe0ec1b0e0ab64ac7ab0ea119f75e9ff4df0","ssdeep":"","tlshash":"e0e05cd556d52400f33760e1850f1556f3428c2cc95d889161a0e228b2a06958ede5ac","size":408,"data":"","first_seen":"2023-07-26T05:15:24Z","last_seen":"2026-04-06T08:44:27.591545Z","times_seen":123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"cde17d144a44437636c4c4ba35000e39","sha1":"f790f58d96a1b074da67ac10055ba084847a91af","sha256":"5d6f27218a179e0908adf6b01eaed497a95bff37de3c62b64cba93d67e3c9832","sha512":"1fef8a0c651dc928834585f5b0a0011923196f16d3946e709a62184b62c6382a115d8a7884dcb7bba08bfa3d4dd312b2ef0359aaca1e0959708e01041d44efa7","ssdeep":"","tlshash":"2031b8ccb83c8219c6610ab4002b3d7665376c08e6953dd765f8d69cf3549c65be63f8","size":1504,"data":"","first_seen":"2024-12-01T17:00:16.368341Z","last_seen":"2026-01-02T03:02:02.712101Z","times_seen":52,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/dabebf01d1.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"43098f4164521ddc7a27f211c4a2dd50","sha1":"ef7103de8a91eed5aafd3aa27ddc571c736db31a","sha256":"0778c3ab9326de6493d3442be83a059aade9bd2b450c49f854480119325ccf1d","sha512":"61f038adeffc8a1e9c9116d818e1d02f2f85f084f0e4a044e5f4bc84606bddce8bc199bc9f4eb6bec7b3844eaf19fdd564b98e137b684877e19eab6729f25929","ssdeep":"384:G6e3fE5VffERtrFJ/C++Qq4puISlv2+Y0vO+bGWGCG6P2oMrEBmZdXl:Gc5NfUt51jtjpi/Y0PFmvl","tlshash":"95f2f075c100e5bcf85cc656ae3d9f2cac3227e8e0ace462a56e701e5f824569c5cced","size":37369,"data":"","first_seen":"2025-07-04T14:45:17.772595Z","last_seen":"2025-11-23T17:32:53.634526Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JH5Z1V4NG6\u0026cx=c\u0026gtm=4e5a11","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3adf2db99b1497211571c2abff670c95","sha1":"fcd207386ab5ee05f4f94a5f596ceeccb6d952f4","sha256":"68bd60f9d1b1d33ff5791377f7579fa8b78d66c262a53ac3a76d8fac5f055d8b","sha512":"03bc88db27ab39e201e65bb33f14d4fa37be746bddf8b32975d2d0c5dac4c199a9e6330d6a7351e956c48f12df1e6f26584eed8d359f8878cf5a7b2d68a0d371","ssdeep":"6144:lBMZTP5DyYvRC1cZwtgk6dSLd6gZg1X+6RVE:bObdtvIcZwhGE","tlshash":"e4941ace73c674665396e478903f018ba5bb28a2f44cc899f189cce42d74a9a4177f7c","size":422821,"data":"","first_seen":"2025-10-05T14:44:22.579611Z","last_seen":"2025-10-05T14:44:22.579611Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f556ac60d8df9dbb857ad4340eaaf6fa","sha1":"e371855016f4dc6ddca647e8d66003a3ed65cad4","sha256":"359ce6f073839e65cf90a13730cc51b66b01dbb88384f8b116343dbbf5a393db","sha512":"4f4f015bfcfc1f7009eb64372f93e0887a0a882ed3c96972a9806de515ca2ba23a5d6aebaf6d79b3891c2e45c2a0c7cad5106911fc16287a428acc299ae179cc","ssdeep":"","tlshash":"5d11bbc8379c1250b2a78162246b180bf323e90f4db83ed7b5c4dbd16344b506fc9ae5","size":1105,"data":"","first_seen":"2024-06-29T17:47:24Z","last_seen":"2026-03-07T18:55:04.402373Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/410c85393.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"55439211d3215c8e400a46c1e281ec26","sha1":"82b90d06c911ca315ee99463c966da93cbd5ed67","sha256":"8cab7c3195c23631476cdeabfb85181f0abc8027dadac886b1e91831b57f7940","sha512":"89c8b8fd81709c0e9fb4026bd5c9a4dd0b24123012efbef44017808f55bca6e6f51f24d9cefdaf5070fc1f5aaea2667c0731405c24a412db4bdc424e653e748f","ssdeep":"192:jE/9lNw/kkbCSewWJd4oW/kkbCS0Ujb9S/CFScGLoKOgsdQagp:2NakKbewW8xkKb0qSkTgp","tlshash":"68124292b318fd78d679a22bf3312055e83991a3c1dbdaecc036fc50f958b446e505aa","size":9140,"data":"","first_seen":"2025-10-05T14:44:22.552482Z","last_seen":"2025-10-20T17:32:58.157598Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1d73e7bd253a96d8db16a54451d777af","sha1":"923ca4ad35d4a605211bcb48478a684f0c2cb722","sha256":"8ab5082607d0ae8b34724e6d1401ef8924f72884b825be9975d7e128bf0b89b6","sha512":"06260d2188b3f77f6dd1bc9fc013543358c810045c595c839a8c0b001877c390059bc4982a7d72cc60df3c0bdd0fd94e127e65b520b1e1143e45f462e2ded099","ssdeep":"","tlshash":"d7312cd928e51502e6abc1f41467a4927b2d9c0f01fc2dc3bdf8da607398645dce64f6","size":1612,"data":"","first_seen":"2024-12-01T17:00:16.38704Z","last_seen":"2026-01-02T03:02:02.7222Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"dcf1b148d1540897ac96cdf1e981ec59","sha1":"cb9eb0f63e6c49ddd75ed653a24c99a2d32fa376","sha256":"1852ad85971d2a86ce403ee26f9018dcf421703d97b1cc0dd6acd03017c1d2d6","sha512":"bae03b9d30d436015374fb2d311f5f9acb7cec5948a004a51b2f7e9e3fb5b5a03620add367c8cf932e7bc71b04c3879b93fb961df12d649caf41c8db3deefc30","ssdeep":"","tlshash":"3ae0abc572e12800e33310b4d98f2c62b2978c10dd7d88e1e0e4e56cb3a09958bdf468","size":393,"data":"","first_seen":"2024-08-21T10:11:36.03669Z","last_seen":"2026-01-05T15:49:04.783331Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f065f14994d4fc8b420b837937aca1e0","sha1":"7946dd9f1c127ee95f08978e49e78d5f6ef64b17","sha256":"a3a3a5dfeb2da0184d67574b3f5b24bcd5aedd616ca4d2eb4f8f853887321017","sha512":"2145e1b20ecf83b3c1aa146ba548f25f8253e58e308ffadea3c393a6297db4b0b1bc1ece104c278c8668d17767469ee800aa840a52ae768cbed3bba2e28a1bb8","ssdeep":"","tlshash":"c4e026d008e1190083e7b6c560933842f6ea552a54fd7cc197d4cf94307224a901bc7d","size":341,"data":"","first_seen":"2024-08-21T10:11:36.015171Z","last_seen":"2025-10-11T08:59:10.366356Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"907ba5d120566fdfc6b354957ea88572","sha1":"f0d49fa0f2d8fdda839a55eb5878fadee1a1991c","sha256":"63e7515058aca591b4032ba96e1a486940abb0682fc4a9545ba4592d91f3e585","sha512":"3d1ce2f33d5433987faf3e4f637f6c0c8ae41778443929b8454197290305c30f199018688b6464a33a19f56522e8af8a9f5c0643db2bbd432d30cde26737e180","ssdeep":"","tlshash":"d1f09e96f9eac0007f5b7080140d044df125c4acd999d9d07a90c0bab5fc5138fbb66e","size":465,"data":"","first_seen":"2024-02-02T03:21:08Z","last_seen":"2026-04-06T08:44:27.580614Z","times_seen":120,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-0Y1BWVPR65\u0026cx=c\u0026gtm=4e5a11","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f809c74a15c3e80584dd2c4bd3e04bf","sha1":"ee5321b15acbbb924cfb4d01032c2ac4838a4b5e","sha256":"0602e70d82078725824916d5724afaa38e13369aeb889b3258d5d7390221b9a6","sha512":"cdf58c9a70b08c34c6fe56d3f9a864e9d5a80243d39660030595373353f6d8b83af126a312b7ae76b28ab573c236f82f2f7cd90d0a39425884b1651a67afd5fd","ssdeep":"6144:86ZTP6DyYvRC1cZwtgk6dSLd6gyP1X+6Kcd:8Ub+tvIcZwhGd","tlshash":"c5840acd73c674665396b478903f018ba5bb28a2f44cc899f189dce42d74a9a4237f7c","size":399929,"data":"","first_seen":"2025-10-05T14:44:22.593899Z","last_seen":"2025-10-05T14:44:22.593899Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bc6843ee96b551348634f82778729bc5","sha1":"ead2746a3842e8f1918f8a8e6504efcfe8b57357","sha256":"f4dce277df89ca54c726287315c2986d0fe057e1654e86334a87c9bbf2ac83af","sha512":"2e7812dadc43c121efdb7288b97bbfb9b7ccd9232fba05f37b3ff21b083353dee716bb15fd74bcc74d47a79bb6630e6151eae189759b36021962d44284fb5b9b","ssdeep":"","tlshash":"27e02bf029ead881923564a08d878248dcbed82f58647cc66ce0eb216194ecd24da9b9","size":405,"data":"","first_seen":"2023-07-26T05:15:25Z","last_seen":"2026-03-18T23:03:40.630533Z","times_seen":92,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1598479b5c42e3fa04f72001d6c7d291","sha1":"748a21dfede4052e4e2526a03c536b55259a5e90","sha256":"0a86a11914b2986b163a4c80924d8c2ad8dbb19565a66246a73c05aadca5dba6","sha512":"930147d5e9b619bb33311c82362cba98d732413337ff8cf0ec7f2cbf2ea6559b1906435aa61c4ea7fe8b52b81e8a16b787e110529e7a4026a3aa40879ff59dd0","ssdeep":"","tlshash":"5fe02bc575e26810e32314b4994f1a6253579d14ae9d989150f1e22cf3a02969bcf5ac","size":375,"data":"","first_seen":"2023-07-26T05:15:24Z","last_seen":"2026-04-06T08:44:27.602381Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"da28da0f75721ca65858a54982a17fff","sha1":"386f7f823750e15c4e905766aeac22ef2122f65d","sha256":"09d7fed9c04996f71bf3e897a45212a2f6d294e7f852fe204f3e9cccdc17f104","sha512":"ffb7546134abe52fd97f8b60c3abfe0bedf03cbde5bc926cb69ef29608ed528c4bde86050dc6e373d5c5d4179a9e6f7444ec42c2b2201acdbf3b3bbb973fd6e0","ssdeep":"","tlshash":"ccf0c29438b65102ea6687b4207778f66e2b5c1e02a92cc33dfcda94735810599935f9","size":592,"data":"","first_seen":"2024-12-01T17:00:16.313819Z","last_seen":"2026-01-02T03:02:02.710494Z","times_seen":89,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1dd0f5bf6cd3b92ba4681950cfe961d9","sha1":"632f1f1c3fce96023267e219c66cb604e7edd1f6","sha256":"5229d19f0ec947e22e5a74c6da8ebc552c6ebd645b7b154600627ee85f4f4fdd","sha512":"91e2e9b1ba174eaed50f3caa9a0e908adc011808789f295d2906648d35ba36bf1bef98f3e2f53c2c6068a1dce47c8984b244513aaa7d74853e09f82abc49f4c6","ssdeep":"","tlshash":"521150c03aac19dc27ab82a035cb1455f70bfc4e98bc6ddb09c85fe082a06556c42778","size":1006,"data":"","first_seen":"2025-10-05T14:44:22.605636Z","last_seen":"2026-04-06T08:44:27.56154Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"957f6d11a00f60f2c031229680093117","sha1":"6ddc327b522e0e337b1928518058cf92b21c6a06","sha256":"ce3f8b513491bbb1ab27b3dd8117a793fb513dd500c81a542cba90ba4e77552e","sha512":"06486f3c27f59d60d316738f6a1e62ab6dda813e0755a610048c5a2ecdfd8157f364ad48250043f8b71ea70527ffdcdee6dc788d2c53c9ec051c048ea0ed9b87","ssdeep":"","tlshash":"2c112bc405b49e53a3e7bbe411472086f76baa0e21f97cc079e4974031506cb145e97e","size":1036,"data":"","first_seen":"2024-06-29T17:47:24Z","last_seen":"2026-04-06T08:44:27.595232Z","times_seen":99,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d487f31319db5d0bd94ccc821996cffa","sha1":"52a674fc3aafa2dcf34b1f551af263b298be2d39","sha256":"39454542e4cfa352544f50102ec0f5bcc35d9b4571035d194810cb33c1953dc2","sha512":"cfdbee359fff7d16eb2fc3348ebd75dc628e79037a14cee2c7435663f91bca1ea3abda46e0e13ef81d4cff292011c4b09365a2e31ea545d1d16ecae85d81d616","ssdeep":"","tlshash":"722140c924b91502f6a6c5b11463a893bb1d9c1f01bc2cc3bdf8da607388645dde34f6","size":1354,"data":"","first_seen":"2024-12-01T17:00:16.209296Z","last_seen":"2026-01-02T03:02:02.771651Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/b2b11c7b87.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c8eafba818580968d1451f14b44e9cc5","sha1":"efa41bdd9d34575ed1b15d5908b2e3dc6fedf417","sha256":"a92c8ca33b0085e6fb74f4136cd628fbff78909fa70c789be800d28a4fdbefcc","sha512":"5ccc79fe62dcb348af8e47d1c431b1873e157ef928cbc0f28d03820b4277d505b2607b6cdfc7bda6ee5688eb3a3d2d00fc52a26a3c7f85d84567d53aa5c068dd","ssdeep":"","tlshash":"d461b75e20181bf593d56e77fa1e90c8892b085b62c1ecb1d160cf15ea7bb0c5473d59","size":3465,"data":"","first_seen":"2025-07-23T04:34:24.860838Z","last_seen":"2025-11-23T17:32:53.635275Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"4c3f5024655c01f9fb166712f525d786","sha1":"29aca177b2a3fbb77c5f7c6fb541672e098ee12e","sha256":"785989a01d41df84149891fe93acab23ae2d618d54b578a444d1d02af7b0cc19","sha512":"b087e8117fd16324676ab1530ca78eeffa5ff6eb65626be00704dec33b9c305c28eb14e9a084d59ebc5d6df1d353a3bfbe7c8de94b1428a4e33d8e29e035ad9a","ssdeep":"","tlshash":"af0129c27599190466e7c0902097e883b30df80b89fc3dd3eed96a61c398559eca3576","size":844,"data":"","first_seen":"2025-10-05T14:44:22.610245Z","last_seen":"2026-04-06T08:44:27.577195Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"4c14750c8990a4ccd9eeaa85c629b1c5","sha1":"11b7cc9d589a472b3f82ab17135a892f6740d519","sha256":"d2a4a9dbbb35c07144c6acd942d36c3e0ae579f404f0987925fef3ce6d0e9270","sha512":"ec58a6a81bf9084879963fb24d2dfab05c21ceaa7078d22a00fd40e476cf573edfdbe1510e06092a94d744b8c8d5ddbb829b70f3178e7d09e967dde00a8e077c","ssdeep":"","tlshash":"b5f0f6c875b06400f33614b4c48f29a263564c04aea9889264f4f26df3a05e98bcf2ac","size":499,"data":"","first_seen":"2023-05-27T20:30:03Z","last_seen":"2026-04-06T08:44:27.619352Z","times_seen":98,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8f9300681a807ae5e0e3b405c95f9f77","sha1":"9dd54989d70cb8213e57126fe38772e4fc06f44e","sha256":"37c43fbce7b6ea37564027cf015956bae69e48ea7ca8f9ec6821032c719e72e8","sha512":"651248dfdcac58c61ad38cd1b5d6f76524bc941d90dc0e1dbb15f2b4adecd9acbdccbe3d016535a749585c22151739c99ccf488463531ef8b29634f430609d03","ssdeep":"","tlshash":"4a016bc808b45e42b3e7bae050876487f74bb60f51f97cc17ae4978032506ce145a5be","size":820,"data":"","first_seen":"2024-06-29T17:47:23Z","last_seen":"2026-03-07T18:55:04.396845Z","times_seen":62,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"488b311d965c2353f70aa36f0f2d783a","sha1":"277b2ff754c9e0bb3b243624f67b7c642745e10c","sha256":"a946e748c1a5f3f9eb40261b55e984c51d4e31064eed55c3576a7c562d4d898c","sha512":"59c61962b948ecc46378962b200765d7e80c12ad7ec2d00a16d4d80612b11db74e5e9e544163f217fe804413a184b60e1d4842988fa671521fab04837bf5166b","ssdeep":"","tlshash":"35e0d8c02add5155e3b2b05530973803f1f1881f1cbc6d8147d0dd7435705346d4a9ad","size":356,"data":"","first_seen":"2024-08-21T10:11:36.019718Z","last_seen":"2025-10-11T08:59:10.354262Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"127a205519acab3c5b732b7d5adf5b8e","sha1":"c3ff7dc85fd2cbb2c8f61b38cd230817a8ac1850","sha256":"bcecbb3b9174a2f29b75aa66fb43eb885e2194b64c98ae6dffff623b02f6ba81","sha512":"7e956ae759d51842b7bb85c0f387d3856c7c1ad13932f711decad64a2acb4c5705611d97bdb3935f3c4312ad3d1a3934745f1a1569f664b299265fc9fe8cdec6","ssdeep":"","tlshash":"14f02eda28dad4445697c0e06813dc46f21ca51e84fc3cc5bde0d860a2cc665e8a2867","size":471,"data":"","first_seen":"2023-05-27T20:30:03Z","last_seen":"2026-04-06T08:44:27.605124Z","times_seen":144,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"30145169cc11173a729d24e95c3b6ad8","sha1":"6d46a3a23ad7ed0aa73767fda6886a2711f7e1d8","sha256":"16d9da55ebe842e289861c5b20b97e06c523a61f70695610073b0b42f8250423","sha512":"c9e48c6c663a5886dc1d1370bcc0fc4e0115882bcd4493790079f1fc80fda0d080588e9ded43f4703e295a0e2d27111c8ba44ba7631c1dfd770b2bacb6d21636","ssdeep":"","tlshash":"aff024c975b16400e33201b4988f29b167479c08ef698c9644f9e36df3709da5bcf0a8","size":496,"data":"","first_seen":"2025-10-05T14:44:22.615406Z","last_seen":"2026-04-06T08:44:27.616773Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"13316b3d6a468239ef9838f9b39aa61a","sha1":"c25757427afdecce9f1d10a537d65a5ad6ed333f","sha256":"d1f26f4fee51ec3c68b72808d1147444e4239c4d6dc1260baf47f4f5a73dcfb7","sha512":"c597a784e031e2623afa780c0a5f5f52d8462af865e006e269c9f852cbc37e7422dc21e37b7e8ef54fd79d1c8375bf5d07da40afaea9034d6495fa6dd7b7912d","ssdeep":"","tlshash":"9e01e9d038b51001f266c6b0006368f67a2a9c0f02bc5dd37dfcea647358205ada75f5","size":834,"data":"","first_seen":"2024-12-01T17:00:16.373147Z","last_seen":"2026-01-02T03:02:02.740146Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JH5Z1V4NG6","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"57fa741a1cad9db55c0c9352d05a4edb","sha1":"e17b77f8b2ffb3cf4b68eb36c67c707975ae4941","sha256":"1af8757e296da011120d0fcf26eef26118f16ba0175bd758f04c4a11ab3b9867","sha512":"69fa2bf49fb0c556b7aa092ca520c7563d586afc03fea816a3100b5511e7285e78698c4e3618ab2a9ccb10f9fd5c908608efa7485a36969e56fc0f21ea2e4091","ssdeep":"6144:lBrZTP5DyYvRC1cZwtgk6dSLd6gZg1X+6RVt:b1bdtvIcZwhGt","tlshash":"f0941ace73c674665396e478903f018ba5bb28a2f44cc899f189cce42d74a9a4177f7c","size":422782,"data":"","first_seen":"2025-10-05T14:44:22.518333Z","last_seen":"2025-10-05T14:44:22.518333Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/42ee472eb72.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"41b2b43348564a1b3918652ab30efcd1","sha1":"199e2dfb56375f761c19b02de2ddf146e080469b","sha256":"3bf3944ec1addfdbcd2495e2845e296800b9783e10678f43744d3039dee3cc9a","sha512":"e9f6cd64354f114ba6deeaf09528150550689f2ca364fa3cdfb72d2b9720f0ef83caabba99ebd6f6d44b3f3ed4aea16714700ffd58f4db3a4e75da351e9801d8","ssdeep":"96:WBBBGlSgsoBCFnQvpbBKwlRfeckUmjR1d4lL1Y4/MvpMBuNE5xqgKu:WBBBMSgsoBkcpbBKwlRTkUmoY9MBlt/","tlshash":"bae198682630e77d4bde29f7e93c50786da804dba58dc8b8e4a45d38b71de04c219c6e","size":6804,"data":"","first_seen":"2025-07-23T04:34:24.84291Z","last_seen":"2025-11-23T17:32:53.613756Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0eff048a5f0fb066b72a4128a13c1e51","sha1":"3e3d042be03d68b2a8c08590b403d7c0a6c31f61","sha256":"448e0063a69e24cc3e19dd2b729a648b93ba11244d8c4c82701f58ee7084cc85","sha512":"365be40158fb4896343b737a6ccbddfd749c66b905560e51c4931b2b94bc554ed0b2cba2fc52e75681cf8d702374d5d5e0d8af77a427507bad943016976fddfb","ssdeep":"","tlshash":"6ce068ca7bebd00022174890184f2845f12988ac88dc9cea1ca0e2e170cc157cfda8bf","size":374,"data":"","first_seen":"2023-05-27T20:30:03Z","last_seen":"2026-04-06T08:44:27.548974Z","times_seen":143,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"ac40da6ef6a44aa1461dafe777432dfc","sha1":"e4217686206de6d38febec00ec89ed31d29c0d23","sha256":"77a9d6559cad49c3a4480362192676a70424af320ef560c1468358f0503655ab","sha512":"db1fdc97740dd9e0e17deb3c4aed98b1f777a0a444e542364c7d0122d843e47f18df93c485f8f4ca45accafc26edd3f06d4a47cab82029c356bbe3ac81ced5a7","ssdeep":"","tlshash":"d34108ccb86c8215d7a20ab4006b397665235c099a853cd778f8d398b3549c66be73f8","size":1952,"data":"","first_seen":"2024-12-01T17:00:16.358495Z","last_seen":"2026-01-02T03:02:02.716224Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"19d6b6aa3827a348673d0af3638bbab0","sha1":"235c25224a4aa70dee564396f2be2f1faeedbcb5","sha256":"7a9c0d2e7d927d51b200cb3459e7d83b84ca16d9fdbd7c061ff72bb66de42e36","sha512":"ea2a1bf4c7b3884593ff0ebb7e829a6d3ccd1100e34d3d4592b03544e85aea97c75f4e722d7b141ed7db85d128c2c3dfcbf65cbde5760273188e993e2e375f9c","ssdeep":"","tlshash":"453109cd78688719cbb61bb4102b397645275c18aa863cd768fcd398b2144c717e73f8","size":1781,"data":"","first_seen":"2024-12-01T17:00:16.403048Z","last_seen":"2026-01-02T03:02:02.770849Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"ef607affa1e52b84f2ba91131d900c11","sha1":"5490a0d7757e9f59d05a8138edcc3ea31c538c0b","sha256":"e58ffc7e9997a02ee0fdf9bed545477441cc6f5ca9d0d4ea734853540167be05","sha512":"0b58005e21c8bc714eef9e88ff29814547f893b6de6967d6e6065512e2a1ba61098282c740815d323ab021615e1621baa3fdd9403f85824b5d3b8e60973483f6","ssdeep":"","tlshash":"39019cc56aa065c05bf3006050cf0201e113bc4864dc1cb79ee494f46660ec17d9b730","size":685,"data":"","first_seen":"2025-10-05T14:44:22.620577Z","last_seen":"2026-04-06T08:44:27.578689Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"03d7f2ff1fca0af63b0505189dfb8762","sha1":"bc39b48b63d3fa7319022960f6e46bd218588bfb","sha256":"d619935eddb0431acc3cfed81e7f70fcefd9b47f3b852d07c9ee8c0fe664bddb","sha512":"efd85d72880d2732eeeed68f50eefaea23af6ec3e10f0407ad089bff810cd38242ecb95ff27c19c9973d4fdebfeadd368ba493966846843668ac8450db6ecf57","ssdeep":"","tlshash":"8bf0448036ac444022bacde010ae280bf223941f28bc3fc2b1d0fba451582281dc9afa","size":614,"data":"","first_seen":"2023-05-27T20:30:02Z","last_seen":"2026-04-06T08:44:27.55893Z","times_seen":84,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"94fe12d0484a6829d02091ab1ab65211","sha1":"1b548809429ee8f4a71cb71f7450a91e6a9bbea6","sha256":"a4ffc5d5d8eec652f6cf841d90ed5f76be1a6c0431c8d5a2f4e123e1a9f4d958","sha512":"7ebded58ea774c94dbce5f5a9b24db88a3fa2c3f45d51cfe402b9f929ca5c7cc434c5f2619a6724a4b9f52afcf2ea7644fd576746ac260b143e3297f7259ba6c","ssdeep":"","tlshash":"9bc080f7359f7100d35667c90d8b304450258cb89cc859c065f4979238d1715214fcb7","size":164,"data":"","first_seen":"2024-08-21T10:11:36.008815Z","last_seen":"2025-10-11T08:59:10.336899Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/dbcb5d1d92.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a0c664a32fd20909c2f0719d3b9add9","sha1":"76f20f5bcd846a262b756647e58c8f954e97120e","sha256":"d0a5f105873d364ac97a5ab697d3076b94453c3c98ee6b3e03212a22b4c71f8a","sha512":"479c1bfb9656254e5869f1cff0e1baa9c983b460fbe481b5202244f9f16c51ff758eeff1e6a4046d0aec3951efe2b87883d57e41d5770fe27fffd300090c3efa","ssdeep":"192:WrPfOF3kGohwGrfnR0cok2nriQ9nPiB12Qu73ykCJyIctctZ4p:WrPfOF0GohwGrZ0++iQpiB12j73yyxu0","tlshash":"6d12b5b86574d3bc13c906b7e9f66120a9b9044eb44de8b0f0bd8d75bb72708d89083e","size":9346,"data":"","first_seen":"2025-07-23T04:34:24.856507Z","last_seen":"2025-10-20T17:32:58.180439Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/6f4b0609910.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"63d1ea7c0f47191d7380359ab0d1fd58","sha1":"1a872905d49b4d4e840a68c463856ff2600be156","sha256":"97df20c0529139404ffd8d344ec726aaccac7bbdef73c0c4d0415f7f1fe840cc","sha512":"cbcee0855a966905868cf513f80b846d0e229252ad90bf4fa1a88f357f6a5b3804b1faebfc67ca11632ef40428bfc5e58b6560d0e368958a2d013ca53a14c4ef","ssdeep":"1536:uA5Jz1rzAr4rqG/mcI/V1Ic/41Ic/tcI/2uq8S4Xe:uOJz1EG/mcSjIuAIutcS2uqx","tlshash":"6063ea58a295f6fc4b9615b3933b6058d57b1ada70c8f830e272cfe07a34285d529cbc","size":71905,"data":"","first_seen":"2025-07-23T04:34:24.834526Z","last_seen":"2025-10-20T17:32:58.168013Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"696932b62e9421569dfdedb69a6dc8f7","sha1":"14378cc51fe4cfe05f4ad18878e9529e0e67e94f","sha256":"86606565ad988dd0fe3d15c3256df6c332eef60b13cbcc28051263987866c8a4","sha512":"aa823e3ae53e7d3e1732637ba6147a5b80bebc3a9b8a67e25f84f94769bfa6383a449b8db4d349c3216cf468502f6fc03a7076b136adea9e0bd9c83304c30458","ssdeep":"","tlshash":"2f0166f6bdebc004136a48d014290a4df427d87f258498a8a990c4b164b5d46cfaf6fe","size":794,"data":"","first_seen":"2023-07-26T05:15:24Z","last_seen":"2026-04-06T08:44:27.605997Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"08768ffedc272f56be1b6ded58aa506c","sha1":"1e9a54dc5c65e2593f62d6fdb3d840f008cc9864","sha256":"9ba177bcf7bf28c7db8d9e3a27f86e51e3ce6d7198497135e2677d062bee7d81","sha512":"8febd38d56bd835f57d2a0612ab6c4310f2fc8c91bca5af3c6ac2cdea21e7e7daabda2afea7dd8021f4c641d951ab26701fe080880ca280eb0d85e9ddc5d59d2","ssdeep":"","tlshash":"28117bcd36981b21aab6a660306f1407b3139e2e4d763dd665c8d3d192452c019c9aee","size":948,"data":"","first_seen":"2023-05-27T20:30:03Z","last_seen":"2026-04-06T08:44:27.586753Z","times_seen":93,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c0733627bede5cd138d79f2e0408cdcf","sha1":"cc9714260c3b7caf5e5152913c6557ea9f57a49c","sha256":"49cd9075cebab64fc5929b8d33bc560f0f1f36dfdf283755ae3199703248a6d5","sha512":"8112c3c66b008514aa98d44d3b03ab328c16d1d1a7ffc724bf93b9d863600289e65172ed7d1ce289011217bee0c41a71ae380b0b3fa66dfce285c0602bd772e4","ssdeep":"","tlshash":"afc080e6316f7100d35677d14c8b7444503485949ccc588054f09b5334d1715321e5f7","size":158,"data":"","first_seen":"2023-05-27T20:30:04Z","last_seen":"2026-04-06T08:44:27.594135Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"fa5137cb8bfc62804b86824218a285f8","sha1":"1e184df54ec92153a82a5162e8d45d399409ffd1","sha256":"ba46cd8ae43d9af7817c85e8abd034c19c3401979eb11139447605438bdd84cb","sha512":"e4ac92f70eb88dc68184510e7b7dfeb1e8c97f7022c2f6d26414e616ad71383f78ac74d9c7c97464b4f59b748d9ec231d16861adbaadd77f27e09cf45e2dd73e","ssdeep":"","tlshash":"1cc080d6355f7140e39627c14c4b244450248494cc88988054b0db5238d1315210e5bb","size":153,"data":"","first_seen":"2023-05-27T20:30:04Z","last_seen":"2026-04-06T08:44:27.603192Z","times_seen":141,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aaaaf24a0f33bf7ad140aac567d05781","sha1":"1aaa0d9a1204766e497da893b12137bb24db447e","sha256":"9c2ec565eb00710ef17c30facb570168966b8f899c2b873e87c862778e5680db","sha512":"0801f7f1dc827427b6e7b2908519fefe9956b2ded84f302b7b364b89db7ce0373b880ebc85a4fdefc3cbd6425a8795dc7b894416b1a1cc3c48422e111b1c1eb5","ssdeep":"","tlshash":"c8f0fef438e6500461b6c0b059074b457a69981f45e85dc2b9d4c870e5a4644acf757a","size":617,"data":"","first_seen":"2023-07-26T05:15:24Z","last_seen":"2026-04-06T08:44:27.566525Z","times_seen":101,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"e43f0717009c712315f78a107ce05f6d","sha1":"68126ebeb66256bd48ad3a8ecfb365eb3c842e44","sha256":"5a61f4a9f95e8c5555bcca3fcb7d37f1f0cef075a52f4f4985f262864f509b72","sha512":"b456b063ceb55ba272c1ecc69e031aaf073a75bc39580455d11e303a1fa05ae10d98940c72e386ec4716578f6c8ce685630fd491b17d768e2059b172328aa470","ssdeep":"","tlshash":"fc2159d823dc1256e2a791e9205b1407b2739c5f1cfc3fc6a9c49b9171642041cc9ab5","size":1324,"data":"","first_seen":"2024-06-29T17:47:23Z","last_seen":"2026-04-06T08:44:27.547924Z","times_seen":91,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7ac92cf511ce2ce8d38f7d980c6fe580","sha1":"ae451fd4030fb621ebc1788a0d7e8f0f6f85f99d","sha256":"a4973cd8943ca66ca1e6914c377b3a630c03bb8dcbb6ea2908aefae07073330d","sha512":"9333dfa693b1c5022583e0870961aab603b15233d5b958b117fb9ffeb7936afacc5682b0b1114763f32528ba53939055260be1699c1e72a8968196b5339feba1","ssdeep":"","tlshash":"02d02ba024d5d800a72a71e1884b814cf2289869d8682c833ce0a718729595e14fa87d","size":262,"data":"","first_seen":"2023-07-26T05:15:24Z","last_seen":"2026-04-06T08:44:27.582458Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a62b12f587ff1f859725a2b28ebe342d","sha1":"209ba731fa65dd394324be5c2414e5d8ea3c68b7","sha256":"65e8fe7a4b54f057fb37e1b4277663e736f2af93e179d76cebcf4e5e2c36b7a1","sha512":"06d35b09f3d7b466255bb3647036b540e6d5def08debeb1938ad07de0fe6040d51418349a09b27addb53102475ab9bbdafef315faf05ab5c7160712d6050b11a","ssdeep":"","tlshash":"65c012da32ae6100e35667c14ccb6184512984a59c88588065f0979238e1355254adb7","size":171,"data":"","first_seen":"2023-05-27T20:30:03Z","last_seen":"2026-04-06T08:44:27.572433Z","times_seen":100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8a031c04aed4d47a689d533fa6090b44","sha1":"22958b1ab98734bdc4908244cfb8d43943479917","sha256":"60567e421c95cfaf53e53b95bbe3b91234011ad0d5a67548c8645dac6518c6d3","sha512":"79b0962128fb1bd61611e71df4dd6937875b2fc6b21d3618a6ada3106cdc389cceffeb6726c961b95e5802442d0ae4f0f91b7f8aeabb8978793710303d4b88ae","ssdeep":"","tlshash":"36e07dc060e05d112bd7bae0205ba84ef767961e50f93cc025e45780314115d10195be","size":312,"data":"","first_seen":"2023-07-26T05:15:24Z","last_seen":"2026-04-06T08:44:27.589785Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"081f4b851602f54cc00b9e909d519fbc","sha1":"bb96062c5a45b998ebed1e3bd6646e3350c1a177","sha256":"7beaca19c3fc6dde128f9961e57d1d3494cec9483c67a9094a193b3ead7a5b35","sha512":"537edd5b9c3fd7412f3dd94f995af2e6dd23980572631ba49f0ae5c2f3c65f71cf7dc3a1f9e5f9f56f4ec8b7f7f18c1b48f287a9bfb7f24f5add3fbce46973ae","ssdeep":"","tlshash":"9cc012da329ea050935627d10c8b2444542885e88cc8998158b0979234d5716a54a8bb","size":175,"data":"","first_seen":"2023-05-27T20:30:02Z","last_seen":"2026-04-06T08:44:27.557347Z","times_seen":143,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-TXMZ5WN2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3db5abcec2c404fd26198b3e13286d14","sha1":"bb9f8371dd66abbbc6b98a01f27ebe2d5dd6670d","sha256":"f50dac7a315874300dd1836fcf8e5ae0bb9dfb2c988fbeecb309e561ba59d5d2","sha512":"248812838b01d0d061da150a3200dc465910fc2ade08eb01a1af471e2413bc5af7f4a81f1c005110965dfbb1e5dd6cda21179f657c0390ec7f7ac5fc40af3770","ssdeep":"3072:JbcUV2o5qmTaksb0GIOU3Ty9durXx9COvCVJ+cvXIcEgk6dSLd6I/suNDCwZG:jZTzDyYvRCdwtgk6dSLd6g/Cwo","tlshash":"ed6419cdb3d6b46283a3a478403f018bb17b68d2e44cd895f185d8d42e74aaa4277f7d","size":314275,"data":"","first_seen":"2025-10-05T14:44:22.558054Z","last_seen":"2025-10-05T14:44:22.558054Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"fa2c6879bfadf00020fe70be42eb0722","sha1":"977ae1989dbd8143f7de52ae6682744b6c5eceb9","sha256":"b7df9285369d5442d673af7e553c8d50f590f2bc273e3e103873ab012497f8fe","sha512":"a53c57b139c2d0f1de24650046dd80d12c16bdd2553043e092dc48d84a8d97458164b560801dd544a90d9f6b87d359f49399e3b8c96349bd5d042adb4461232e","ssdeep":"","tlshash":"eec080d6319b6100e34b27c50c8b6044503485948c88588054f0975234e1315221a4ba","size":152,"data":"","first_seen":"2023-07-26T05:15:23Z","last_seen":"2026-04-06T08:44:27.597158Z","times_seen":128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f0ffd3b7c2574ac324603ed00488c850","sha1":"623e76c36aa2a886542011e28412cc761d7ceb01","sha256":"c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154","sha512":"436f9fb4816f6975fec0d965dfc0db4c3c38c53632dd4dc99a6c1a2dd9562fbd67176d0118549ff573c97e3394bad4d601c425cf670acab249ebc8d260591fa2","ssdeep":"","tlshash":"1540000003c00000300000c0000000000003c00000000000c000000000c00000300030","size":7,"data":"","first_seen":"2023-03-07T01:03:35Z","last_seen":"2026-04-06T10:16:37.274072Z","times_seen":64501,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"60862cfa2e80d0befd8f852d676d21c4","sha1":"e885970d1f6b09908957bd725d80be120d2daf02","sha256":"84beaf5615053c9d82dfcac51f2545b68199d93f633b166a8196ebe63fe9cd0b","sha512":"1f9be85361563359b6107c0c894140ee1b5842c68ae00266c9ddc6a3918277c33e88a1fa2234da623b9dadf2c550ceaa974c2d43778540b306d2d399db231ec2","ssdeep":"","tlshash":"0be026c528f2d8019256a9d088475488f599a2ade0fd6cc749e0b720719855e08af47a","size":336,"data":"","first_seen":"2023-05-27T20:30:02Z","last_seen":"2026-04-06T08:44:27.590725Z","times_seen":145,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0b022c05d979bfdbd510c37ffa59f226","sha1":"fd3cc532ae7c26760e14d4f8d482f1f2979252b8","sha256":"f1c583c5313c4d325f78ce2a6d4ba75eeab64b9f36423462c5c79222a83097f6","sha512":"380417bf37b73a77c4521ccaf7ac88f22736348e3430f50c86f899b558062f3881afef2296e8a211b1f21878a6fb9a27cbc7be7c7e5ddc76958b4f29ffb933bf","ssdeep":"","tlshash":"49f07dcc58f05f4167e7fed01043648bf356a61e55fa7cc12ae4978031506ce186e57e","size":626,"data":"","first_seen":"2023-05-27T20:30:03Z","last_seen":"2026-04-06T08:44:27.573144Z","times_seen":104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"cfc9f76baeec4bbec89ecc980ab155ab","sha1":"673e0a21f2f96c78f68a30895b6df34a83181632","sha256":"8eae1baa6c520a8648cf92e012fde2a34874de37403e7e57e938de032d370442","sha512":"ccf3c0d33bf177dd0498c00f8000163b8bd283c3ae37b19bb6162263453001d6a76a7e425fa03e865c42f59a64e95d35b911237f88d403ed295d741a0aadeb4c","ssdeep":"","tlshash":"a5c080e7319f6100d357a7c54d8b3044502985a5888859c055f0a79234d1715214e8b7","size":162,"data":"","first_seen":"2024-08-21T10:11:36.044962Z","last_seen":"2025-10-10T13:45:36.975649Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"060ebe1c30861a2969de410bf2f019b4","sha1":"1d4961379e9eb0630fe641ff04005bffbd16accf","sha256":"850896ea50c824db471fc3649fcfaf9b0ac1456baaadb4a18a52502996b25e3c","sha512":"5d7da5f20e28750536df5a7b2f30712618b546a6b751aef3083a81558d8c5659b61982d4da98407f9180a7007b2c5db319f24577c26ff9b14c258801192fdfe6","ssdeep":"","tlshash":"97e026a026ca5010b267b2a00c0b000df322803cf8596d832b80c071b5446204cf9cd9","size":295,"data":"","first_seen":"2023-07-26T05:15:23Z","last_seen":"2026-04-06T08:44:27.583567Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c9b8c476a62798dad6293ef6f6767490","sha1":"9538589d76e1a6e6f4926caf0a996b753d78ff89","sha256":"4926fdd00d2bb7dc6aa4ee9958c4fc9dae255c4d1fb2531da845c1f3a37ea6dd","sha512":"5380e638ca994e9a67c53f5cb265d7e50c317b0b3c5ab9b2be4f7cf9df921ca07381ebfed380a8fb0d5b0652d2697c9820fcd02568c3507df088f9b4c23529dd","ssdeep":"","tlshash":"56214ccd28b51602eaa6c6b01463b4d3ba1d9d1f45ad3cc3bdfcda507388585d8a34f6","size":1138,"data":"","first_seen":"2024-12-01T17:00:16.284171Z","last_seen":"2026-01-02T03:02:02.717Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/8b8bacb9a52.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"47543ddf6ebd58d312edf3cbb0e045c0","sha1":"5c1acf26527a28bf5be3cf5793e2256be1fe46c5","sha256":"73498a0cff156edf50b1d0a0fd82f08d7cac55dc2f471628e62afc1e63d37793","sha512":"1eef0cef945121a28301d1090ef1f7a21cf9317b31b3b06f3b630eb8cfb41f721f170903489c26bf046ec783d7a74e6e4ed952826212142dab6642b0fb51d6af","ssdeep":"96:GcmJzSEq3/gpLM9MupT1VTLVCXChmRLEi0yu6POx6I:GZs53IxiPhV3VGVp50yu6CP","tlshash":"dda1e91c62159efc03d76f73e66f60cad629244e6180f8b0e250dfa5aea5b1cd073c66","size":5083,"data":"","first_seen":"2025-07-23T04:34:24.855479Z","last_seen":"2025-10-20T17:32:58.136836Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f0ffd3b7c2574ac324603ed00488c850","sha1":"623e76c36aa2a886542011e28412cc761d7ceb01","sha256":"c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154","sha512":"436f9fb4816f6975fec0d965dfc0db4c3c38c53632dd4dc99a6c1a2dd9562fbd67176d0118549ff573c97e3394bad4d601c425cf670acab249ebc8d260591fa2","ssdeep":"","tlshash":"1540000003c00000300000c0000000000003c00000000000c000000000c00000300030","size":7,"data":"","first_seen":"2023-03-07T01:03:35Z","last_seen":"2026-04-06T10:16:37.274072Z","times_seen":64501,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"43d0f0ca61ca5d664314e4550392aa10","sha1":"b149fffc1a280816a579ad7822a425b6749673cc","sha256":"1ac01e97156dea8541cf4b1469f7bada37ef52d05d9d1be55e7af531c1dbdb09","sha512":"164d92ade4c8676a0fd89afa6bfdc5eb3d5d3b5f6f7ccb08b7ae52df86d3f48d5ab72e74fabda0ac392edb2084029ea938c01b48acd9dc17613a831eed1d6b57","ssdeep":"","tlshash":"b6c022f7329fa000b38667c40c4f2084612ac4ab8c8a8884a8b0c7d224e1715692acf6","size":191,"data":"","first_seen":"2023-07-26T05:15:24Z","last_seen":"2026-04-06T08:44:27.575734Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f50d747b0c6ca063ec925b5bf0f0789b","sha1":"bb76f0ebed67b97afc1cddbcff35e9c77d58a4da","sha256":"7f107e9b5a193ef1d4ca4954a17395844921f2190b628b4d64e8bd372cc987c2","sha512":"617ec4e99e02d8d40e6fe4b3e009b80eacf9462077645be723d8cac9da33c882e53eb4d4df45df7ebaa12d460830fea4e79a92b0ee67e688656c73e8e9575744","ssdeep":"","tlshash":"a4f0a7b02ade5190916681e00c0b0509fb77943f3d596e87ddc4d4717445f501ce9efd","size":455,"data":"","first_seen":"2023-07-26T05:15:25Z","last_seen":"2026-04-06T08:44:27.593149Z","times_seen":91,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/608a27fcc14.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"28243ebce673bb6513f90b52057bab7c","sha1":"7c9e6c49cc20946ec976665e1bd54b24728d9355","sha256":"ae766b8b42cb3f0859eafe17f4765173db919100b02dafcace0159ce0ea82c22","sha512":"e87272ad6c85228286c3d4066d0730c74bbbbffaa3383a5e56cac96fc5ef96a8fa547cf26f02d9cb114dddf66be91c36cb6c06f6ea99b17f0b9348b70361dcc5","ssdeep":"12288:YFCkWD+oKkwXJmRYUfGSmpH43AnAOfqSSAK43k2buL5o5zH11f+1eSCF1wnDMQSw:YFCkWD+oKkwXJ6YUM1f+1eSCF1wnYQYg","tlshash":"09d45e14e328e6a4a37221b37d2d214765a91ea165f8fc12e3cafcb438d4749b07f59c","size":615259,"data":"","first_seen":"2025-10-05T14:44:22.536335Z","last_seen":"2025-10-20T17:32:58.155371Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"b4b974bc8e87a9f59eccbfca92ae2f29","sha1":"fda00ff4dcef8915bee718b422e96873a49898a3","sha256":"680febba0525bcca51dcc1d92dc39ccc7872cc6acba75a3ba595aadab922bfd0","sha512":"96eb8e7918f176b748a44c1865c3adb78186595d41ef9eb4b8f0aed77dfaaaf955f25b962aa8daf399efdfc80a96da0c76668a62808d5a959b16ed2efd44195f","ssdeep":"","tlshash":"66c012fa32ae6010a35667d14c8f64445025c4a5dc89988068b09f9324d5716294eaf6","size":174,"data":"","first_seen":"2023-05-27T20:30:03Z","last_seen":"2026-04-06T08:44:27.607842Z","times_seen":115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"4e2a455838d41bb2a7fdf5050b7fceb4","sha1":"6ebb74cbe2ba8a24db792bb88887fd2054c15477","sha256":"bf1556a5966a4238f7f21a53917429c72fe32a8be0dfd0c7925e38241d443046","sha512":"2599adfbed44f4b56190b450e1d875f5164f76a00949c99c771debaab14f12cf240cc3abfd46cf2d0203dca012e8a3c2ec36fa1ce3017889b9068088632c5e10","ssdeep":"","tlshash":"dd0136ccb9b45410f33240b4488b29b257479c04ae999cc258f4e359f3349da4bcf6ec","size":821,"data":"","first_seen":"2024-06-29T17:47:24Z","last_seen":"2026-03-07T18:55:04.390697Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/263acc2270.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fd4864b00f84b3805b38698ae67a6540","sha1":"d398c9de0dab73959d4453817659261a8f1ee993","sha256":"b8893d54a506b1bb58db55602eefdab1cc6a5e23b2761485458a965df5484e7b","sha512":"0dcb39fdcebd54cc23a397bd53151c933377f4abde172b7e0ef6a0191e54c013e9aa0ba1e0ca4c8562eb91981e948f2e99c8c8e6a4b7cee0a967cfa6c6a8240c","ssdeep":"","tlshash":"1731aabee195ebf04b36517a63779219902f022b680838f0c1b866a4939820ca476e7c","size":1687,"data":"","first_seen":"2025-07-13T14:59:37.172901Z","last_seen":"2025-11-23T17:32:53.607229Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"112a54c0a259b2bbdba2e167c4c1b3bd","sha1":"25b9d8649e98a6391885a00240e456614dda3991","sha256":"000f5dc5b606ccd3d207fac18b86c347f19e7aaf0b3a15c9f9f8d381cba7cb79","sha512":"8dca7627c76273de6dd0ee9ae26998ee09a57dcaf1e1535ccc0d28548ef4be4ff488e796886f9236f72c6e2d3893bf4b5972222f13c747259a2e388063c2d622","ssdeep":"","tlshash":"58e0ecc129c51504f3a3d050b0436c43f1ac941709bc2cd1fbe4dca0a26c516e862527","size":422,"data":"","first_seen":"2024-08-21T10:11:36.05512Z","last_seen":"2025-10-05T14:44:22.644647Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2da388856d7ac609d8a5c78bd533b79a","sha1":"93682bc2c49dbfa3b5c7ac7d91b61ff2868a2cef","sha256":"1263d5d023064a6423c8e0204f3abc37b55bf75bd285cdbd2f6ba496bd5bf99b","sha512":"afc383dff20d243217d7cd7b6bb9b4f52fc7f498978557c1ce80cb82f3ff094f9b78e97628fa80c73835c165dc785fa65ddc84ad35b43cfd905315475ebc17f2","ssdeep":"","tlshash":"fad072d17eeaa04183b320a4b08f2502f0b28c1808ac09f3c6a0ccb831a10408b8afa8","size":289,"data":"","first_seen":"2024-08-21T10:11:36.034432Z","last_seen":"2025-10-11T08:59:10.360425Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"66bf09d24ec4b4f1985dba06e285a9cb","sha1":"0e4b66a737bdc10d87eb8f4ec40a2fb85636d7a1","sha256":"4a61762e108ae9d683c87907b49259512a147a0094569c066a534d6f9573f244","sha512":"9b9ab5daa9c9c189db616dd99aa360cb2802169431e63289a7c7e8975adc8fed396b1ec94ec1d253593c7ec03331093367253843b7fd68afa27c1c57a76056b8","ssdeep":"","tlshash":"ede02b9438da600571a7f0a009074d8ef218991ac5ec4dd37de4c875b698615a8b746e","size":377,"data":"","first_seen":"2023-07-26T05:15:25Z","last_seen":"2026-04-06T08:44:27.592388Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bc5d5ba25125f6c2a146e2f3ea0e2cba","sha1":"fd2deeaf82afa06dfe1683ae37ed2c3d585d559b","sha256":"0f866e6e2711445088ef495fe6a11d4e72ac0a3e85861255b9b202963f9cfd5b","sha512":"3fc5a9eb96caac2a91c95a38371ec6c7e69e8b761fab7b9885649f11def4213111694b0e682f6e2d562e0a5e2361aa74ea1b7d982e75ac1941b8a21f7fabd831","ssdeep":"","tlshash":"2311e1ccbab05411e36211b4884b29b256475c08be999dc658f4e369f3345da4bcf6ec","size":923,"data":"","first_seen":"2024-06-29T17:47:23Z","last_seen":"2026-04-06T08:44:27.614764Z","times_seen":98,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"48cc79943c57ec7c6092397d6022f5d8","sha1":"c7c2584840599a52b539307af9dc3b627c899fed","sha256":"88f9a2fd590e6bbbc8b95ca8c76586061080405401e4bd287a575e3164e2cd8c","sha512":"486ece9595e12e6e579eeac7c8395ff53badb36582529e03fc8c68e2244e02fcf592d94b8761c64c745aaf8b978eaeca5d904f61b1811ad251c810c2f2a0234c","ssdeep":"","tlshash":"e1c080e6319f6100d35777c54d8b3444502585a5c8886dc065f097d234d1315211e8b6","size":162,"data":"","first_seen":"2024-12-15T13:36:23.795458Z","last_seen":"2025-10-05T14:44:22.648879Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/12498c2c35.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9265adc21a90c43d57de5c99f790ec27","sha1":"6f5fc9a58ad1e898df6d806052137e76ecd000e1","sha256":"7d2fcc870d207ff6a6dee8149d328b3515083c4ce423980664f448d0c132cfd6","sha512":"be68836c52470ec6e4f0fac0fe2915d9ba89c8f6e2737e37da743ea223093ee7d86a1eb340c8541a25130db369f779ab473303fc88e41cf7488f5f56f6a75b70","ssdeep":"192:kH/1nmtHNTPmdDsqasWVVT/aiYofxxwFe8HKod1bYRj9jq/Xp:kH/1nmADUsMtnYo98HKoHsROXp","tlshash":"0d02c84c7341b5b883da79b3963f618ef529649420a9f8b4d122d6e0af3130ce43bd6d","size":8408,"data":"","first_seen":"2025-07-23T04:34:24.807784Z","last_seen":"2025-10-20T17:32:58.151306Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"4175d8b45f4ea3beb24bde9920584c65","sha1":"f65a3a2bdf42f919144442daa1257fa28d79eadd","sha256":"572496e97cb77395b1f352c5b68b06b0e11fc13a3b757396f16808fd8cfff151","sha512":"fcb549dfe9374ab52e491f09077f2e1bf5fb5722a34adb197ae0c9f68654c5b22593bf6367b5d00bb2709e7f02c5167f1b77c3eced68cc905bb1631d7b84e1da","ssdeep":"","tlshash":"8ee0d8c02add5055e3b3b01134972803f1f5881f0878ad814790dca4353053469499ad","size":354,"data":"","first_seen":"2024-08-21T10:11:36.065276Z","last_seen":"2025-10-05T14:44:22.64997Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f0ffd3b7c2574ac324603ed00488c850","sha1":"623e76c36aa2a886542011e28412cc761d7ceb01","sha256":"c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154","sha512":"436f9fb4816f6975fec0d965dfc0db4c3c38c53632dd4dc99a6c1a2dd9562fbd67176d0118549ff573c97e3394bad4d601c425cf670acab249ebc8d260591fa2","ssdeep":"","tlshash":"1540000003c00000300000c0000000000003c00000000000c000000000c00000300030","size":7,"data":"","first_seen":"2023-03-07T01:03:35Z","last_seen":"2026-04-06T10:16:37.274072Z","times_seen":64501,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/7f6bffe4f15.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"29b6dbc5472f334927b923d7df5fcb7a","sha1":"767b5ac66cfc19dfb515a1e14039ec18e55399bf","sha256":"4c49106f7f1d67d8719dd8503c44ac5f65c0ad50538b45144ed425202ff9923a","sha512":"0c79f96916e3cca268a6e91998e21612dff83781a1af7d69edd17c86a4ee098d982b8f4bbc12c4c1972f18982665225f10e737ee4e8abf4fceed121b14f12c8c","ssdeep":"3072:52gjIe1uXZNdDmNUKskm1B7NdK1pplk/W9Hwix8y15xpFtG:52de1MpDmNUK9mf7N4dlk+hwix8yPxpO","tlshash":"ee64e998f790b1b847a762b1923f102fb23f5855508c9ca4e266e5e03e7494cd53feac","size":307001,"data":"","first_seen":"2025-07-23T04:34:24.813719Z","last_seen":"2025-10-20T17:32:58.178712Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7659427ca2f5804ce48c3c313a59b55d","sha1":"b1bb46a17f58075dba494ae315593a9340f15171","sha256":"64f46db256fff74458924ed8d63a48575acc11b6abb85ae484ba2b4acb5dce9b","sha512":"9268c94c973d3dbb24b12796a236f60f0fc97ca82ac9d951a636d8b87004776634623224c39d2045ad232867656fe08fe463a3524106cc82cb0808fc3a742287","ssdeep":"","tlshash":"51f04ec875f45810a32254b0494f18a29746881ced9dddd244f1e258f37468a8ade6ac","size":607,"data":"","first_seen":"2023-05-27T20:30:03Z","last_seen":"2026-04-06T08:44:27.545891Z","times_seen":138,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d28909b93c8c3ea75dd3d34062114502","sha1":"8790c0c7b403dc05c794186f3a9f19a3fa7bc491","sha256":"f6af905762bde5b1983418d0863a79e425e42cc94ea62e16fe7c132764949e7b","sha512":"812c65ee18978fda9cb3a1853a9c0f968f062153c5ca608a876a6aef0ad40d4e680bfaf91cdb67bec15979a6cc2289767d0843962846b4e7fa09b213f3aaac8c","ssdeep":"","tlshash":"bc218bd115f9560573e6d45264da9983ff1ca82b41fc0cc2bbd4bd7881dc20ea8e5877","size":1172,"data":"","first_seen":"2024-08-21T05:28:06Z","last_seen":"2026-03-07T18:55:04.364893Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0d60aa3c4aac81d10936eab7cca0d458","sha1":"b9b1e0265d06232d6c5bff115e4a220c112669b1","sha256":"609d1da169eae1fd9c27a0e2a4d23e007204670da54b5143bcd85aa6eadc56ff","sha512":"e487f263cc9bc92c7c19e6eba0ab2f2f37a9b406345f63deb18ec899032d7b4e1d589da7c2610b4d8ad1b28954e58e7af61d4c2246ccbf89eb53b7dac38924b7","ssdeep":"","tlshash":"54c012e6329e6040a35a67c10d4b2048602584a5cc89988064f0979334e5725691a9f6","size":174,"data":"","first_seen":"2023-07-26T05:15:24Z","last_seen":"2026-04-06T08:44:27.601559Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5f6f1baa0652f8cea502d48160d5d8fe","sha1":"5e8118495c8b86fbfb5b699e76a7d670c57f8549","sha256":"c99512e420be80ea88341038717a088ac3b503d1d03651efea043b04f355e59b","sha512":"e9e73d4894c992f52fe79abb3fd2bb0782f738c870cb85fca001a0441308490bab6ca9c6737ca1d02ffde3f38386bc6ec71671bfd0c0787505d81be0d98f62ee","ssdeep":"","tlshash":"0e5161dc95715581b3a5523cd58734b666461c10aa6088873ff8e37af3708ea43cb2bc","size":2497,"data":"","first_seen":"2024-12-01T17:00:16.371563Z","last_seen":"2026-04-06T08:44:27.599933Z","times_seen":86,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"33152c313ff86f95039cf270ace96712","sha1":"79039abc854f57dbd1835a98da07cc7c6a78c933","sha256":"e30ecaa16a932088f453f22e4647d460d69ab82d8746a48285c86545727768e3","sha512":"b3438b9a047968ad2e0b6a2ba5dd32f80041acd612367a16e6aba26951fe0fdeecdd0d2e1fa57b8333da07c2ac5480e56955fc74c65805a9cdb2e3c15d3b6ba8","ssdeep":"","tlshash":"d0211dccb8788619c6610ab8102b3db50a231c08aa953dcb64fcd79cb7244c753e63f8","size":1171,"data":"","first_seen":"2024-12-01T17:00:16.222711Z","last_seen":"2026-01-02T03:02:02.754204Z","times_seen":89,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"b06bb73b018c163c7a36cc8a911f7a49","sha1":"ed4d95b94fb57e1935ace77468ca04ba648e4631","sha256":"09feeded1ca6b6221837883b30e821804d65ed22fbc54b1033467dbd818b7d93","sha512":"18d1ce1a13298b3c20589bf56ce8cb7e2569cde41b9dc14918c61808cfec09ea2a560d46a3421488fa959712b81b2da06e587334dd159b6dc06ec1cf47d7ba68","ssdeep":"","tlshash":"07e02bd0329981261ea689b534af1c0de133990e08bd3dd661a4a7d45154a041a81ffd","size":400,"data":"","first_seen":"2023-07-26T05:15:24Z","last_seen":"2026-04-06T08:44:27.556546Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"70e63784c609c4ec6b1a97f1bf72c1a2","sha1":"ea99d6caec46406ed67e8e37792c04af3641715b","sha256":"be585273d70eee8be6789560ea221d366996980ef04b3aec591c237737bc4054","sha512":"09bcc1300be0a27114357843448d4cf689996a46c8aab9f5c2200a670f20b480cf9eb59952df18e80bdbcb54582206c5050365f844b4cbbfc0337b6290bf721b","ssdeep":"192:MsP/J8YDu2sJ/31gedTtkvstxcI9n+WeAwjr3FIjBCW:nXJlFs7ttkvstxcI9n+WeVjr3FIjBCW","tlshash":"d4d18bb416fe0b8512e5cb9d22d6354aa713d82f5cb43ed3bfc88e72a054b1818dda71","size":6517,"data":"","first_seen":"2024-12-01T17:00:16.324581Z","last_seen":"2026-04-06T08:44:27.606778Z","times_seen":89,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"95b677cb865ba022bb00e16cfc4ddf73","sha1":"8afb7027ba6045b1c627cc59bc90f5f78505477a","sha256":"71e9753794e720a5ed9d3cb1ef4279ef9a6c1b92b3ab6307e92d575e7dc68927","sha512":"c805ef5f785003c39b174bc63907ad9319a2748eafc3d0bb8d976390fd70664544a85c6e2a0bf6ee6582251bc6c4631188a25ac3c1f3d7630e7e440b81a43e38","ssdeep":"","tlshash":"024159cc78688216c3a216f8001b397565735c1ca6c93dc768f8d2a8b2645865beb3f8","size":2193,"data":"","first_seen":"2024-12-01T17:00:16.380798Z","last_seen":"2026-01-05T15:49:04.782787Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"68cc010fb737a2cf369c58f4bab82871","sha1":"218aee626bffcf9b9fce196c47529936c8d1feeb","sha256":"c536e80772a5d5c44c6f790e31ae1e4e6ad7dbca9010cabeb4887cfc7d6b647c","sha512":"f2878ea0be5dfcb4edd1fe5584cdf3bebf448e2dcf2be4a6a5d0f80c77e0ff74f11cc8c7969f6064e6a9aa394c49f46a7fabee528dd7ca21f029d9ab1f5b85c1","ssdeep":"","tlshash":"9ce026d004e11c0083e7b685a0936842f6ea552a50f83cc197d0df90303214a901a87d","size":339,"data":"","first_seen":"2024-08-21T10:11:35.977394Z","last_seen":"2025-11-06T15:32:07.444344Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8362bd67dcc8aaed7d2563a8ea217d8d","sha1":"e389ee3093f18ec3c867e23579e00ac358bc0bd4","sha256":"94aa2cb04f931b1a44f1e356694e8f36d11c98983dd78b7e3360bdc6e5640c15","sha512":"9432ebe891e9747fe80a0f7e04e21df32a81a54f60c70ae1d83c01f1c7ed52b1857bf94a6645c6a45214181c2165e475036ba1fdcc65789bb5aa9d8dc3f3b184","ssdeep":"192:EAs6znCyuPd3VaC26qZ3KroqgntHwUshVLv6R10WMqZEh6nwjTiJMMsNxYtrsdJy:lsECyAd3VaMqVKroqgntHwjaDJ7sN6tF","tlshash":"c822c2e968b9820453f083681193642a55239c2d8dc53dc37ffcc5b5b164e8a9bde3f9","size":10047,"data":"","first_seen":"2024-12-01T17:00:16.339087Z","last_seen":"2026-01-02T03:02:02.758525Z","times_seen":70,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c93f5f2931803ec8b13bfd4639ab16a3","sha1":"068927cb29be21c83f02a281259a044f38b491ef","sha256":"ff5fda5c13a057c0931bfdf9352bd125d5ca57aa6b12693b57fd189142e1afe2","sha512":"10b7ff81e5852e1331feafff1f623bf529e156169f4352ab4b7eabe815b045d6a5882fbb4a35fdb55fa62efaf6774ffa44e5136f572810633287ec5416e7cf1e","ssdeep":"384:P7FRfMQzDESGtnzE7ZKzfHQr7Z2ZMHgzL+8aj1SPlgHgZZFXmiH:3fM+DEptnzwgzfHgsMHIL+NpS","tlshash":"a772f86b2317354d0a5162a57dbf3f9ef2fe6a2bcd529c0398dd861c00704192daf7a8","size":16055,"data":"","first_seen":"2025-10-05T14:44:22.660802Z","last_seen":"2025-10-05T14:44:22.660802Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/93f8a4e7190.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"900a3e4d2e3736ce6b48d9fb8dd834d1","sha1":"1de7f4c873b9c0e86a069ca7ad2958ee9516861e","sha256":"a38c78d6962c7bc34dfcc23498e8805f585a3640a2c42b727ff06b917448f9b5","sha512":"9299baff3b766f45608610e813f6dc6997de98a4d09b3ece64e12fd6b9de7b1d4b5959b86a84f9b339f77853eb384573f950846dc91461a2b75206d4b6db4f2b","ssdeep":"12288:7tGfe9jJDAFDsS4BFhFvb+j+Z+YP2f2rOlStul81EtlXbgHh:7+e9j/rOlSbEtlXbgHh","tlshash":"5da41b44fa80b17c8b9b51b5522b501af22f4855606c5cb4f2b5e9e02ff1a4ca17ebfc","size":459493,"data":"","first_seen":"2025-07-23T04:34:24.840084Z","last_seen":"2025-10-20T17:32:58.192977Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"e93fd7443cbdad33dc532e4ad66000ff","sha1":"dd7cda2bbab15080eebab9f9c4b2d3fdbfbcb627","sha256":"e46e6493f581f352e0c57f5bb8cbd65900b9440a0f60285af9c4bd4c216c9ef4","sha512":"f754372477acf7fa4c4c87986fd91ba115c55e60bda3d4091643e132b8f8e29f283be27d682ca4ab50081efb8734be84868093bdcd1fffe377fb6633881791b2","ssdeep":"","tlshash":"73f022c145f09d5047ebbbc022832083fb4afa0ea0fd7dd24e99a3c021904ce281a27e","size":592,"data":"","first_seen":"2025-10-05T14:44:22.661886Z","last_seen":"2026-04-06T08:44:27.611773Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f3edb99388f55af940e82ce32673d835","sha1":"114503546d16ba270e38f3f3e2aa9d922fcf42a8","sha256":"a931fa9c99c70ec88c9cd397e9ad3947ba89fa0f0ff8b895403a125d15269f8f","sha512":"ba21727c46ee3085e5d4de50589cb88bd4a3391e96214db655341dbb3d470d43ef2663c6005f9188c030b88fc323f5df0e4241dbac62db4bf9a7b3ac8bb2f022","ssdeep":"","tlshash":"93e0cdd87fd9e174915391905c0f1845f23ac46c9e5cbecb4d50d1a1f4447519dc9cda","size":302,"data":"","first_seen":"2023-05-27T20:30:03Z","last_seen":"2026-04-06T08:44:27.597994Z","times_seen":135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2dd495a1cf12e8b2d097ed1aa756c17b","sha1":"f661c4bcdafe685bfbc9c2c8e103f9b3ef71e4ba","sha256":"76d43b0fedc341541b8b0611ed3685ba52639da7f21d928d640f64d534fb400b","sha512":"6b0bbf4f7017786321a59e428fce1848120434a5f7dc4bbc14a01bd73ff84849ea8d3e98475edbef809706a670605d3cdb5d66f1cb59edb13bef8e98816a4791","ssdeep":"","tlshash":"33c012da32ae6000d35627c54c8b6185517484e5ac88588064f49a9234e5315314aeba","size":170,"data":"","first_seen":"2023-05-27T20:30:02Z","last_seen":"2026-04-06T08:44:27.570131Z","times_seen":112,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"42de0182ba44947f606d7fe8a4005a18","sha1":"7fbec2341442b9c9a0b9754a6adaa15034a1f335","sha256":"83b9fd2d8b80441821ccf73fbd63a5eef200a45f1fa2384574fd0548b63c94b0","sha512":"1d2c6083e9ddd7212570d76232222825d9e8304e8d87a0f83e2ade993edae97d6399700061a753240f06d9345c00c3b92c778f05dd5c0d76eea9a5b50b62e60a","ssdeep":"","tlshash":"c1c012da32ae6000d35627c14c8b6184522488a59c89588074b0969224d1315214adb6","size":168,"data":"","first_seen":"2023-05-27T20:30:03Z","last_seen":"2026-03-07T18:55:04.455738Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/20da8b5573.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd21a3973e59c3679294f8a39bce18b5","sha1":"9459ce597ef77487354b4c34686b79d0f757771e","sha256":"110377ecd6096e190a3442f4c8ecb5af6e34162d286007dde5b2be7dff5d6623","sha512":"81e03b0ba7440292926ac9926ec9158fc6119b4f37bc7482bf9c8062f6bcbe660157c1e3756b17cdffec43950ba04d501b57d102caa293d30040c884297facd6","ssdeep":"192:IBBx6OoTLwVuiwc2ViRfFrnxmuu3XZk71IW:Z9TLwYVijJuKRIW","tlshash":"39f1ea1ef365f9b803e669f3a93b9101e13e7646a044f470d2608e69bcb870dd17ac76","size":8115,"data":"","first_seen":"2025-07-23T04:34:24.833151Z","last_seen":"2025-10-20T17:32:58.173939Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"b437d08402bed2ff0bf162fec2b1afe0","sha1":"3207296c8d54e6b96e6de23db11dbb0eb7083d18","sha256":"2ca4736e8396481d0e7ee68d5addceaf66756e861ad7ba9ca5edc93f60853293","sha512":"d655a6866d47b880f15e41b834355a0ddc6572991106a4ccf2642d18bf466667e5bf852336060e0107efc380ca7309e12033d27fbf8228fa28aae60fd2805689","ssdeep":"","tlshash":"1bf0e1f409945040f3330060850f1551b7d74c1e4959898295f0e234b1b0ad54ede6fc","size":525,"data":"","first_seen":"2023-07-26T05:15:24Z","last_seen":"2026-04-06T08:44:27.555676Z","times_seen":94,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5b6998d5799d028d21a59924466b25ce","sha1":"9cc523df56149590f8ffa42a8b9b76a61cb5989a","sha256":"b48c8c9f1e3b88371c5dfea29bd58bc981fa6b8c68f2bd4b35d1c48624d04410","sha512":"8ee4dbe19edf930c62f5ddbb1cbef46c2253eb0851b338943ab559547f5675d191a4a2158a07ea1b3db7d6ee7502385b302ff44f4f854257a258f6bc09e41f9f","ssdeep":"96:yu9MWPshZIUlAv00Qu30wq/0BdARLGPGHbqtZGRZtD9uPoS1CVcsvu6hO/VqScWS:7Ivy4jM/gB","tlshash":"70a1e1e005759f5653e6fbeca2c3304bea5ba90e19f5bdc53fa44b602150acb108e53e","size":4698,"data":"","first_seen":"2024-12-01T17:00:16.366765Z","last_seen":"2026-04-06T08:44:27.553604Z","times_seen":95,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f0ffd3b7c2574ac324603ed00488c850","sha1":"623e76c36aa2a886542011e28412cc761d7ceb01","sha256":"c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154","sha512":"436f9fb4816f6975fec0d965dfc0db4c3c38c53632dd4dc99a6c1a2dd9562fbd67176d0118549ff573c97e3394bad4d601c425cf670acab249ebc8d260591fa2","ssdeep":"","tlshash":"1540000003c00000300000c0000000000003c00000000000c000000000c00000300030","size":7,"data":"","first_seen":"2023-03-07T01:03:35Z","last_seen":"2026-04-06T10:16:37.274072Z","times_seen":64501,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-RWYKQ7ZE0Q\u0026cx=c\u0026gtm=4e5a11","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2db70dd429fa78d6eaa4f057fc5a86db","sha1":"d17c61928448c805018088b0542ffa74e6e166a9","sha256":"a2ed51d30adfc84f2f11a3db4af9fbab3433ac345f19def6c9909aaeeec6d800","sha512":"3e6b6fe925ef79f6016b215297f40ff84b8ce1c2e408ae112ec9441335cb3aee37c6a6ab9b4cdbec67bcf0237c9eb76560b71376c2e90b34ab1dbfc0c835bb8e","ssdeep":"6144:xlZTP5DyYvRC1cZwtgk6dSLd6gzf1X+6VSK:ZbdtvIcZwhOK","tlshash":"137419cdb3c670665392a478903f018bb5bb6892f44cc899f186dde42e74a9a4137f7c","size":363542,"data":"","first_seen":"2025-10-05T14:44:22.566746Z","last_seen":"2025-10-05T14:44:22.566746Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa5f4d9757475d35d60afa230be9edf8","sha1":"950ef0947262adfec37481ac5adfeeb6cade94cb","sha256":"c18963e166ae040964fa975ff0f633187df8fd5d9373dc32e774e0c36d5715af","sha512":"66e068d42afeda5bd7a9041947a361421bd64bb9da172b87987245f1fc46ab48328d2a33d371e41fae0163c14077d2b78d27564c942f1f1e8e4ff8273ccce42d","ssdeep":"","tlshash":"140126ccb9b45810f33254b0488b29b257479818ae99add244f5e358f3345c94bcf6ec","size":729,"data":"","first_seen":"2023-05-27T20:30:04Z","last_seen":"2026-03-23T00:59:43.334241Z","times_seen":100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8d12685222809e084fe8f5fec78f6972","sha1":"9b41c038ee827c1936c8d116630d29c6074e93c3","sha256":"a4c86e11fcfedde9564f3d81305b8fad8d4d3f5301dbba8a0bfcfcefd326b1e7","sha512":"d3f21acf65c5d886708c8d8937594d5bbdf6a014ecccbfa0d19df2711d959a718641ba49e4570c39373118561fd5a19ebda5437c2d89dad0fa48d217539faaa0","ssdeep":"96:VuWcqMCEwzsDLqM/chVPv5ZQhXpMahbe+To:IZCEOw1h9be+To","tlshash":"20f137a524f30702a2a5c66d22d765563e0b9c1f45f87fd3bfecca70e2846146cea0b5","size":7784,"data":"","first_seen":"2024-12-01T17:00:16.393435Z","last_seen":"2026-01-02T03:02:02.743303Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8de0d7cb9cd2b90dca265384ebb64bae","sha1":"2147622daa99e91428cbfc936526b57e7893327d","sha256":"e6b6aed363f140fffedb29e0d35e78d49e269a8dcd7728239876b563b517f319","sha512":"0c14236616760c3d0f81611f97f7a6450e64bbdf2982275a2d997dd25a816b46e02392ce56585db39ae1b2d6ee8a9969293e4ff480a316c01bff3c37d5944951","ssdeep":"","tlshash":"6af04cd01470dc4123a6bee09087a44bf32fa40f50f97cc07a54578421442ce1459a7e","size":547,"data":"","first_seen":"2023-05-27T20:30:03Z","last_seen":"2026-04-06T08:44:27.551784Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/js/mtg.js?v=2","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec69d6340f06231b3176a610695d3c6d","sha1":"7545891318097ff79b293b9cc3d3bcb68a0619d0","sha256":"5e6f4fc27aa96f524f3ac23d099a1f2f3c29c30f4f942d634139995652916bb4","sha512":"c053a155ffda4f89b5d75a54eeb2d83458c78eb84fe57950945449b4298a47f61e2c53f1ddf946a146629f50fee55ab554a57ef48ded631911f63de86e18889e","ssdeep":"","tlshash":"e8e0c0da70510871b5ae86b573b5a1247153550cb4191922cdfdc824681c987482208c","size":351,"data":"","first_seen":"2025-02-02T18:21:06.747357Z","last_seen":"2026-04-06T08:44:27.512806Z","times_seen":142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"65990f869a56b5080e511fcb36d5690f","sha1":"e36012aef2c0b069f45c6283c828a7517309e9bc","sha256":"52b27fd764570372960a0fdbd7c20804849b6de151c59b42e6e02378f3a5192e","sha512":"70a1afcd61260e152b3e1d4dde6714607891a196c62fdc463053f60b43bab9f1bbcd92d8238f16b55264782955c177983ca9f3bcf298a7ef2d9d3b634d803ce4","ssdeep":"","tlshash":"05d072c17aea900083b320a0b08f2402f0f28c0904a808f3c6a0ccf831a10508b8afa8","size":287,"data":"","first_seen":"2024-08-21T10:11:36.064393Z","last_seen":"2025-11-06T15:32:07.426553Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JH5Z1V4NG6","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"GET /gtag/js?id=G-JH5Z1V4NG6 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\nexpires: Sun, 05 Oct 2025 14:43:55 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 140669\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":422782,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"57fa741a1cad9db55c0c9352d05a4edb","sha1":"e17b77f8b2ffb3cf4b68eb36c67c707975ae4941","sha256":"1af8757e296da011120d0fcf26eef26118f16ba0175bd758f04c4a11ab3b9867","sha512":"69fa2bf49fb0c556b7aa092ca520c7563d586afc03fea816a3100b5511e7285e78698c4e3618ab2a9ccb10f9fd5c908608efa7485a36969e56fc0f21ea2e4091","ssdeep":"6144:lBrZTP5DyYvRC1cZwtgk6dSLd6gZg1X+6RVt:b1bdtvIcZwhGt","tlshash":"f0941ace73c674665396e478903f018ba5bb28a2f44cc899f189cce42d74a9a4177f7c","first_seen":"2025-10-05T14:44:22.518333Z","last_seen":"2025-10-05T14:44:22.518333Z","times_seen":1,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/webp/icon_st_ots.webp","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/webp/icon_st_ots.webp HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8464\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: HIT\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 28343\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9uhgWIsQmSV7niQ4FejoksR1t8jkUE6iHu5V20jnhnnezmwqPTzS61XglLLKmYklu0IyOa96sGHbdMTgw%2B%2FgStvA59B633w3Z7M0ovCcAJOnRAJ%2FNqw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1b03878783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8464,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6ba4bcd92de606fdd1ae94b18a5c5c47","sha1":"26debf25d3477c674d960bcf9c14cff1fa1dc798","sha256":"fd121c61e1b7a28cbb2a4e90fff27569ed8c77917ec6bcc6073a5623bbc1f50c","sha512":"0755a7c1b2a65b1fa0cd07766411f5ee272fcd944c95a782d742f61dece8b7bf0f1b67a55e3b43ae821a1db757f33ca6c164f0ce397763b0b350d9d70a9c4608","ssdeep":"192:+rlPd2EiSP8AQBm51yI8C7IZrNI94+HcigyK1nKpRbRwjkGrS:+rlPdLtPf51B8C73K+8fnURw/S","tlshash":"d802afbe82a29b45c24b487da67fced09d44d09814d132ff0f820ea395e79c81375019","first_seen":"2025-03-28T18:40:52.589788Z","last_seen":"2026-04-06T08:44:27.494276Z","times_seen":123,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/8b8bacb9a52.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/8b8bacb9a52.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B5gVNkRhvk2vTf1ChDBSSRrJpQGksk7kKd77Ox6jWWPyoFbhajpSyb62rYDY88CYxc8TG%2FYVotSSWUZSg7nhNm3sO3F6fZX0HMRwaF2sZSOdGxbI82g%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c78e4783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5083,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5083), with no line terminators","md5":"47543ddf6ebd58d312edf3cbb0e045c0","sha1":"5c1acf26527a28bf5be3cf5793e2256be1fe46c5","sha256":"73498a0cff156edf50b1d0a0fd82f08d7cac55dc2f471628e62afc1e63d37793","sha512":"1eef0cef945121a28301d1090ef1f7a21cf9317b31b3b06f3b630eb8cfb41f721f170903489c26bf046ec783d7a74e6e4ed952826212142dab6642b0fb51d6af","ssdeep":"96:GcmJzSEq3/gpLM9MupT1VTLVCXChmRLEi0yu6POx6I:GZs53IxiPhV3VGVp50yu6CP","tlshash":"dda1e91c62159efc03d76f73e66f60cad629244e6180f8b0e250dfa5aea5b1cd073c66","first_seen":"2025-07-23T04:34:24.855479Z","last_seen":"2025-10-20T17:32:58.136836Z","times_seen":12,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/css/9def902da.css","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/css/9def902da.css HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:09 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xbl09u5UcrSmI4weALkq1fUUchPTpTJM57fhjWJcLDD4lwS2LNi0oNKHJK9YyQhOE1oYq%2BH77C7rUnZiKoWZ9Kkn8ebJaP7vR1UHrrDuid%2BCKv6l%2BqU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c78ee783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25939,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (25935), with no line terminators","md5":"1414bd0066207cffceb6cd244560f00b","sha1":"e17397769b6999a0381378cbefa1692abdd50434","sha256":"e9127f9f6acdf58f27f428f9b5b8e30c4d3c5c40386a06a1d9b60463c0af2385","sha512":"75045f80542d273af181fffc9d70c2bed1c6f68deffb83cd99c693da8b696e4ac1e479d1b90592df7605fd69c9aa137603d2c942b1327dae603cc3cf087c1a58","ssdeep":"192:t1pOI1cmOzhdmLoJ+SX/YXh/xHgNXdzj+YhehV5VSGGQ0urPwjuP3p/AYkYh4zMX:t1pOI1cmOzJBaqyYhgVeYhQbGAigePI8","tlshash":"cac295270159131ca593cc701be53b26d154c477ea667bfe95246f2acbc3bf20bb128a","first_seen":"2025-10-05T14:44:22.523256Z","last_seen":"2026-01-11T18:57:01.9772Z","times_seen":33,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/b2b11c7b87.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/b2b11c7b87.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cG1YkXvv6J7LODGrcU7CHrlWoTTTRQQdsB%2BCgTJHLiYDmSR%2BNvjrX59kYKbPPNy7CeJjnv%2FDVHbTNUr6PInzzKpERBVXuQ3iAqRBsQtVrNH1707oZH0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c8902783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3465,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3465), with no line terminators","md5":"c8eafba818580968d1451f14b44e9cc5","sha1":"efa41bdd9d34575ed1b15d5908b2e3dc6fedf417","sha256":"a92c8ca33b0085e6fb74f4136cd628fbff78909fa70c789be800d28a4fdbefcc","sha512":"5ccc79fe62dcb348af8e47d1c431b1873e157ef928cbc0f28d03820b4277d505b2607b6cdfc7bda6ee5688eb3a3d2d00fc52a26a3c7f85d84567d53aa5c068dd","ssdeep":"","tlshash":"d461b75e20181bf593d56e77fa1e90c8892b085b62c1ecb1d160cf15ea7bb0c5473d59","first_seen":"2025-07-23T04:34:24.860838Z","last_seen":"2025-11-23T17:32:53.635275Z","times_seen":26,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/webp/icon_st_bsk.webp","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/webp/icon_st_bsk.webp HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11474\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: HIT\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 28343\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bqELYW2WCJxVSN2cnfmdBK9lSpVaQkf%2F1MXnSWEs1a6o2YIo9Se%2FvwWhBjHyBdk4mSEUP%2BQGX9Kus51A16m%2BtjTNO2RIeUMtegZiff55OAnBzKfFHCY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1b03875783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11474,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4859985570397fab4de91a9a3def06e7","sha1":"b409b881d6166df6b1cd1c7ce729eef0a085d8d4","sha256":"8d90cfd8f536498777f330c3a45353fb9f8b293b025a1587f8ee74bc9e35afa0","sha512":"5f783fd0b447338ab80f234940ea70aac9a738a427351bb876712bf2875c71160b4e3da393f44f5562f24f67c019d205f7f8d8160bd0eee89bd703913c075997","ssdeep":"192:uOGnvW8ZgMYMN3tMATjFXvP7B2DtKXpj+kvI5pECuRpEkB+cHZsCdng:uOWW8ZggtFXvzB2DtKXpbfUkdJng","tlshash":"5032c00ebc6cd232fc98271d990934b0b9fa90074c6f87a3fb4ab3159ebc05a019525b","first_seen":"2025-03-28T18:40:52.601513Z","last_seen":"2026-04-06T08:44:27.486244Z","times_seen":122,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/20da8b5573.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/20da8b5573.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: HIT\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:14 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xDSK0At7lH%2F2E3Cunj2%2BSs50JC6HSPad4OnCXMrg5xL6V8LKwXFcmskwg2gC0X0z1Bll3K%2BjGwpw2V3zxcY5jN9bmBer2cCTDf2uN78Z2Mwx1W5Tvy0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c88ff783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8115,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8115), with no line terminators","md5":"cd21a3973e59c3679294f8a39bce18b5","sha1":"9459ce597ef77487354b4c34686b79d0f757771e","sha256":"110377ecd6096e190a3442f4c8ecb5af6e34162d286007dde5b2be7dff5d6623","sha512":"81e03b0ba7440292926ac9926ec9158fc6119b4f37bc7482bf9c8062f6bcbe660157c1e3756b17cdffec43950ba04d501b57d102caa293d30040c884297facd6","ssdeep":"192:IBBx6OoTLwVuiwc2ViRfFrnxmuu3XZk71IW:Z9TLwYVijJuKRIW","tlshash":"39f1ea1ef365f9b803e669f3a93b9101e13e7646a044f470d2608e69bcb870dd17ac76","first_seen":"2025-07-23T04:34:24.833151Z","last_seen":"2025-10-20T17:32:58.173939Z","times_seen":12,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/css/090b7a6ed.css","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/css/090b7a6ed.css HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sF%2FtUKFP1w0cpeYe%2FTr1h5EzstOMxz%2FXWmRfsOkk%2FhpHMhqbJuHL7X8Ol3HgISM0qJ9gci0OdkfmVe2jWPn1SqI992wttPmy1JwPOTJ%2FolssZFZc2BA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c88fe783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26768,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (26764), with no line terminators","md5":"f6005b1d56209944b492753b4a40656c","sha1":"bbb492fb98e217bc501f060fd8d40dce24cc5200","sha256":"32407a62892976647699fb799df21c7220485414bb23ccdab35b66d22025c040","sha512":"b0ca63fbc15641f703fe9bdb547031517846ccbe7c72f47f4dae2bb2c0e0d4d7c25b16d8cac2648114e2c0f2a66a6f607a51d47b05438906868cd9cd6bbba3cc","ssdeep":"384:tMGiV93rH8jYhG+zYapQYhG+i1bSYo873Ex:tMGiV93rHUYhG+8YhG+i9NoT","tlshash":"90c2631b0541331db127ac680ba82565966ac0abd70723fdd4d73f29c7c7f861beb60a","first_seen":"2025-10-05T14:44:22.527799Z","last_seen":"2025-11-23T17:32:53.629669Z","times_seen":21,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/webp/icon_st_ftb.webp","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/webp/icon_st_ftb.webp HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11570\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:06 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 28343\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Oe3bWyT8duDY1TsW6zzbmIqijlI567oALzUTVRF1RTLadkjx7f64Ypwdj3PJ6BXfgtPmKHX04ncJ2eLB4e6A%2BlUkQpDQwB6iVpuYHYpqS7zLZ0BuZAI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1b03873783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11570,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d788fff350579afbdcc0ccfdf5241960","sha1":"7af71241884eb116369edc74ee84496c42786ce4","sha256":"17f3c1f6917c0ec3a717314466aba38428c9cc8a0c3ddb48ac00933921855267","sha512":"db4a72be4baf1748e5a60e6bc20c1cc4404f002b4a64337082d87fe5a1495339c2c2477093b4d1909f9bb93056f5cfd9e47b6caff03df2888aee524b03d4cecb","ssdeep":"192:3ocF+aBOti3m4X0rt0VZhUljpPm0bwWXTrhJj9uSPsU+s:3dLMi2W+kZIPm0kWJjNss","tlshash":"7d32cf8a6e53c4b3c16685b4ae1f7cc92444f4cf01464b676871e788d76f4a6cfe900e","first_seen":"2025-03-28T18:40:52.588545Z","last_seen":"2026-04-06T08:44:27.531409Z","times_seen":115,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/webp/icon_st_more.webp","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/webp/icon_st_more.webp HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2862\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: HIT\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:11 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 27685\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9BRe4fXbFqyEQoJP89ARXACvS7DjKS8INkkYNU%2BHtNrv%2BNyurwTgxu2isAZy6ovoD%2Beiu1dcZ45tWioQXQ6tAMjM%2B0mfP9ItcyPvT8z71ec8x%2Bg4XD8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1b0387e783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2862,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2074071d7c42652bd2cdaed7a9da7398","sha1":"30b0a47493ac522f8bfdca563d1c922ed9f788e2","sha256":"93d6388e5764f7de138adb562e3c0c17294e4edd832fec9e66f70800f58ec88b","sha512":"dccbbf63106726cee6327af4506d22c42cfa9a9ee8faf728346497a73a5a235bee161f99c8b509f1a408e52b5faa3920488bc7dacbc5b4df697c6845625a9004","ssdeep":"","tlshash":"79514b5aed77c0a4f8151ff6b8e15211fc49c1e5a206d74a6fe0672a58ab8161325b0c","first_seen":"2025-03-28T18:40:52.575042Z","last_seen":"2026-04-06T08:44:27.475965Z","times_seen":120,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"logos2.tcgfs39a2.xyz/aelogo/country/ad50592d7219911e8c4895a39fdf25c6.png","fqdn":"logos2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"logos2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:39:41 GMT","end":"Sun, 28 Dec 2025 14:39:25 GMT"},"fingerprint":{"sha1":"07:D1:03:98:07:0A:D4:71:95:DB:B4:08:6F:25:00:C4:D8:9C:EC:C3","sha256":"E7:3B:FD:EC:A8:B6:AC:97:6F:2D:2E:51:D1:B0:44:69:46:FA:D9:49:B2:07:9F:CD:93:B1:F6:69:23:A7:E4:D7"}}},"request":{"raw":"GET /aelogo/country/ad50592d7219911e8c4895a39fdf25c6.png HTTP/1.1\r\nHost: logos2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nsa-host: logos2.tcgfs39a2.xyz\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 0\r\nx-oss-cdn-auth: success\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ovhHynoAuplWtPTYFbKTR1sFYoF46i2puXQAuVl8SUHxRek2bQkzHJN6XOJ0P1hnT9RA9J1cctzRk1T9YF57Rn0dD4NngmVhVZo4tg%3D%3D\"}]}\r\nlast-modified: Sat, 15 Feb 2025 08:42:29 GMT\r\ncontent-md5: BSf/EkuziwlL+W9VID/cEQ==\r\nali-swift-global-savetime: 1759675371\r\nx-swift-error: orig response 4XX error\r\nx-swift-savetime: Sun, 05 Oct 2025 14:42:51 GMT\r\nx-swift-cachetime: 1\r\ntiming-allow-origin: *\r\neagleid: a3b54d9f17596753710848495e\r\ncf-cache-status: DYNAMIC\r\nsa-cache-status: HIT\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 12\r\ncontent-encoding: br\r\ncf-ray: 989db1b1f91f0daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"logos2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/6f4b0609910.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/6f4b0609910.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FjRJ0VcDZlZBM40XCDBO8hkBKnzx7A4XjC2hohpa0UcrXiA2YX1xJ0edh83XwsFON165O229WCapFrb8Mqz51hfNfwOh6OyDJXe6liYFL6GVVPnHfZ8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c8904783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71905,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"63d1ea7c0f47191d7380359ab0d1fd58","sha1":"1a872905d49b4d4e840a68c463856ff2600be156","sha256":"97df20c0529139404ffd8d344ec726aaccac7bbdef73c0c4d0415f7f1fe840cc","sha512":"cbcee0855a966905868cf513f80b846d0e229252ad90bf4fa1a88f357f6a5b3804b1faebfc67ca11632ef40428bfc5e58b6560d0e368958a2d013ca53a14c4ef","ssdeep":"1536:uA5Jz1rzAr4rqG/mcI/V1Ic/41Ic/tcI/2uq8S4Xe:uOJz1EG/mcSjIuAIutcS2uqx","tlshash":"6063ea58a295f6fc4b9615b3933b6058d57b1ada70c8f830e272cfe07a34285d529cbc","first_seen":"2025-07-23T04:34:24.834526Z","last_seen":"2025-10-20T17:32:58.168013Z","times_seen":12,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis-data-defra11.tcgfs39a2.xyz/api/common/bs?code=100\u0026sportType=0\u0026stream=true","fqdn":"apis-data-defra11.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:44:09.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apis-data-defra11.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:41:28 GMT","end":"Sun, 28 Dec 2025 14:41:27 GMT"},"fingerprint":{"sha1":"D4:E0:E2:2A:77:82:32:8D:4E:16:CA:0A:19:A9:BD:5B:69:CD:5D:DF","sha256":"E0:BE:3D:ED:50:D3:A2:F2:0B:C8:9B:C4:55:79:D2:84:A0:28:DF:B8:4B:D1:DD:55:5F:E2:94:0C:F9:46:9C:F8"}}},"request":{"raw":"GET /api/common/bs?code=100\u0026sportType=0\u0026stream=true HTTP/1.1\r\nHost: apis-data-defra11.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.fctv33.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:44:09 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nsa-host: apis-data-defra11.tcgfs39a2.xyz\r\nx-request-id: 397162b2e_210e5291a2d\r\nsa-cache-status: HIT\r\nrb-port-server: 0.354\r\naccess-control-allow-credentials: *\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: BYPASS0.357, HIT\r\nrb-ray: vaBzihdHklq-2-HKG, aCplghdDelS-2-FRA\r\ncache-control: public, max-age=4\r\naccess-control-expose-headers: *,Content-Length,Content-Range,rtimestampunix,ruserinfo,rb-session,rb-ray\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nvary: accept-encoding\r\nsa-age: 6\r\netag: W/\"0ec82c0581a1d5d294876daa8d0ac850f\"\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P3ylX6BDisIpp5DZMzrCqGE05GqX1YTSoBGJ1DRTYgD7UN9OhyEL9ZideEWrTcnsV2VkCqwGcICExyOpqLpn0MqbNPEjF3vXU0bIOYF1zzX9l%2BHEgiLjZx5C9LLzkDE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db2092f0e5a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49,"size_decoded":0,"mime_type":"application/json","magic":"data","md5":"ec82c0581a1d5d294876daa8d0ac850f","sha1":"03f860447a4a000ddb6392e63e49459de0aacae4","sha256":"c2941424e2adfc015e7f5b3d414533f7abbf01c14804fcdd4f60fb24d13ab49c","sha512":"b2f8d8664f7ca092cb63fa125ace777ad9dd25ef0a35c848f60cde3a4918262b2c2c5b19a30bde4ae7f6e2b97107f979d600e9deb29ced02c9b241bbb9d7a11b","ssdeep":"","tlshash":"3f900215428119ec12a565104444a89024444c634a08526ad85b08090565d2131d7250","first_seen":"2025-10-05T14:44:22.5334Z","last_seen":"2025-10-05T14:44:22.5334Z","times_seen":1,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"apis-data-defra11.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis-data-defra11.tcgfs39a2.xyz/sfverbb3711de956af3ae1c22f707c8634e9ce7b4b6/api/match/live?sportType=0\u0026language=0\u0026stream=true","fqdn":"apis-data-defra11.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apis-data-defra11.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:41:28 GMT","end":"Sun, 28 Dec 2025 14:41:27 GMT"},"fingerprint":{"sha1":"D4:E0:E2:2A:77:82:32:8D:4E:16:CA:0A:19:A9:BD:5B:69:CD:5D:DF","sha256":"E0:BE:3D:ED:50:D3:A2:F2:0B:C8:9B:C4:55:79:D2:84:A0:28:DF:B8:4B:D1:DD:55:5F:E2:94:0C:F9:46:9C:F8"}}},"request":{"raw":"GET /sfverbb3711de956af3ae1c22f707c8634e9ce7b4b6/api/match/live?sportType=0\u0026language=0\u0026stream=true HTTP/1.1\r\nHost: apis-data-defra11.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.fctv33.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nsa-host: apis-data-defra11.tcgfs39a2.xyz\r\nx-request-id: 554162b12_2101ba41a2d\r\netag: W/\"08c8a41780fe1d4c8a63dc530213b1431\"\r\nrb-port-server: 0.003\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: *\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: BYPASS0.009, MISS0.161\r\nrb-ray: vaBzihdHklq-60-HKG, aCplghdDelS-60-FRA\r\ncache-control: public, max-age=60\r\nvary: accept-encoding\r\naccess-control-expose-headers: *,Content-Length,Content-Range,rtimestampunix,ruserinfo,rb-session,rb-ray\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 22\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7HjcWCcTr8vmYxroMSBI0RGv%2BrrPMv30eJKixcp7N1rPq3LxSWW9YA3iggMice3YxBQrmlcmowXrKG%2Bi9yYBkIlelopFLs3dkndR%2BlJR9ypZJ1qxe3158OlUIYg8BV4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1b0796b5a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44925,"size_decoded":0,"mime_type":"application/json","magic":"data","md5":"b521d2cea060525d9f24452156603259","sha1":"73a95c946e8e40475e76f3133fc1f65717194ae9","sha256":"1ab9baf7c64d6ef3c403f03eb0d581b302e9252319c5d87bc0541b8febd08dee","sha512":"55c92cff4d08477991162d7a7fa933de2293e305de00942dc7bd25b79423842b9bf43f22f1535fa098048647e805ae39175e951cac2df7a25923a28ee0cec21e","ssdeep":"768:xPJH+pvHLsskeZfxlx7V4+3JbcDWagbXEYtrXxu2pz3AFcs2qLpjtUBlivMZSSSC:xxALxatSX7Lpq30ZSSSSSTG","tlshash":"982367ff54ec2b712bef26ef42a3235ec4a206c9b9e6703afc51510581ada74458fc64","first_seen":"2025-10-05T14:44:22.534609Z","last_seen":"2025-10-05T14:44:22.534609Z","times_seen":1,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"apis-data-defra11.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/608a27fcc14.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/608a27fcc14.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vE1TdprwrbTjz91vPZEcFdybIp3aGrjg6vNbI6%2FsfartDNy%2Bx%2BqKpRp9DpcTDyMAikIHfZrSsKWeOAIHUYpFBtsfiKee3eMpLFn6KRN3OFxIJbpI2pE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c8916783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":615259,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators","md5":"28243ebce673bb6513f90b52057bab7c","sha1":"7c9e6c49cc20946ec976665e1bd54b24728d9355","sha256":"ae766b8b42cb3f0859eafe17f4765173db919100b02dafcace0159ce0ea82c22","sha512":"e87272ad6c85228286c3d4066d0730c74bbbbffaa3383a5e56cac96fc5ef96a8fa547cf26f02d9cb114dddf66be91c36cb6c06f6ea99b17f0b9348b70361dcc5","ssdeep":"12288:YFCkWD+oKkwXJmRYUfGSmpH43AnAOfqSSAK43k2buL5o5zH11f+1eSCF1wnDMQSw:YFCkWD+oKkwXJ6YUM1f+1eSCF1wnYQYg","tlshash":"09d45e14e328e6a4a37221b37d2d214765a91ea165f8fc12e3cafcb438d4749b07f59c","first_seen":"2025-10-05T14:44:22.536335Z","last_seen":"2025-10-20T17:32:58.155371Z","times_seen":7,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":48,"dns":35,"connect":3,"send":0,"wait":10,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/css/e479fde6b.css","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/css/e479fde6b.css HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GyR0i92UcOJJX6juQcFDgwkfCdNjneIgZrB3kVwc0REsboZtPKdUgb28PsoOTa06a4nqWvBY4ZujDpdIIiNfs23LaFb6WzNzYuyolEnJb5sEQjK219I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c78e8783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29022,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (29018), with no line terminators","md5":"c8d14f062afd280665bc9c1bfaba51a6","sha1":"9ed831cf7f347d0c74099c16129dad6231bb7029","sha256":"5de7ec931fe0b402e6d88b62f6b942a962e462b08635ff54f44a52856779d7b5","sha512":"20f3392335bbc54bbc2110079d040baa4ccf64e8d2a10541ff3237c307ea544ba4398277a6a9a8416e2da043f5e0d501f6405d68f06616542d8d9037f36ac834","ssdeep":"384:3+NfPFAy6pkYhDbi3pTlYhdzEiX/riLDW:3+NfPFAy6mYhDbypTlYhWK/riLDW","tlshash":"35d2421b14e2232d7127fc540aa8a6668265c532a34653f994b2772cc7dbf8227f724b","first_seen":"2025-10-05T14:44:22.537509Z","last_seen":"2026-01-11T18:57:01.989661Z","times_seen":34,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/dabebf01d1.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/dabebf01d1.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: HIT\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:24 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=niG0ugw0q3bSFvrETOexD2tNFUx3cmWnVASrECcPZTzMypPgYcQGaKZSivaKQ11s99Wv4e4djRZovQZWjhbvPzSsSE368aKWsK9LSqHKNVRPR0pseTs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c78e6783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37369,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (37369), with no line terminators","md5":"43098f4164521ddc7a27f211c4a2dd50","sha1":"ef7103de8a91eed5aafd3aa27ddc571c736db31a","sha256":"0778c3ab9326de6493d3442be83a059aade9bd2b450c49f854480119325ccf1d","sha512":"61f038adeffc8a1e9c9116d818e1d02f2f85f084f0e4a044e5f4bc84606bddce8bc199bc9f4eb6bec7b3844eaf19fdd564b98e137b684877e19eab6729f25929","ssdeep":"384:G6e3fE5VffERtrFJ/C++Qq4puISlv2+Y0vO+bGWGCG6P2oMrEBmZdXl:Gc5NfUt51jtjpi/Y0PFmvl","tlshash":"95f2f075c100e5bcf85cc656ae3d9f2cac3227e8e0ace462a56e701e5f824569c5cced","first_seen":"2025-07-04T14:45:17.772595Z","last_seen":"2025-11-23T17:32:53.634526Z","times_seen":59,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/263acc2270.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/263acc2270.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: HIT\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:12 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jBibyjpJJBDXWzId6ni74T9Yt1ujERGQK0rr%2BqstWn1fFOfizL2omrYVAiM2EBQAYDy4IxdDr9EhgcQj2kGCS54Sdwp3q88wxO6YRsmOUiaX3MMjPhk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c88fc783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1687,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1687), with no line terminators","md5":"fd4864b00f84b3805b38698ae67a6540","sha1":"d398c9de0dab73959d4453817659261a8f1ee993","sha256":"b8893d54a506b1bb58db55602eefdab1cc6a5e23b2761485458a965df5484e7b","sha512":"0dcb39fdcebd54cc23a397bd53151c933377f4abde172b7e0ef6a0191e54c013e9aa0ba1e0ca4c8562eb91981e948f2e99c8c8e6a4b7cee0a967cfa6c6a8240c","ssdeep":"","tlshash":"1731aabee195ebf04b36517a63779219902f022b680838f0c1b866a4939820ca476e7c","first_seen":"2025-07-13T14:59:37.172901Z","last_seen":"2025-11-23T17:32:53.607229Z","times_seen":39,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":38,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/css/d48cd89a4.css","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/css/d48cd89a4.css HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7%2BQfnZY0x0WOSzi70SB8Kovf0XEdlPIkGFHXy%2FwgQesCDTyIWpxlsAzAbZvoRg%2FQT%2BjvsPDM2yg80HvoPELArRp20k3dlQ5wCkgVv0C16pTeDX6JjWM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c891c783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89463,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (65528), with no line terminators","md5":"fc136867340e16c73746fcd402330319","sha1":"36292bab8438e69e49550ebb9c0dd636f2f07fbf","sha256":"52a9fc7b54fc92c67bea8d127689839a41638ea6cce878f255b72d6ce5d5790a","sha512":"ec42427fa52c9d6dc994d652618050d28e32c4576dc4a09abf977c0e28cafe311515cc3aaa3a86b9ba272d6e602d240493a21266d8efb6419233b33d25f0505a","ssdeep":"1536:rqjoMfeTPUzYHYDVVnzwKWWf8YQYvFo9p4NYSCYGYp8A:9Ujp/8A","tlshash":"5c93747b4182231da1178c210bac265697e6c473e24763fde9a13a39c7c7f8617b364b","first_seen":"2025-10-05T14:44:22.541118Z","last_seen":"2026-01-11T18:57:02.013619Z","times_seen":34,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":50,"dns":35,"connect":3,"send":0,"wait":11,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/webp/icon_lang@1.webp","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/webp/icon_lang@1.webp HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1542\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: HIT\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:09 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 28338\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T4qhGm1Kw45CiMtkQL%2FkPQAqtzh6hE%2FncumhVCf4LS0CLrMIAZoHjjlRvFciUqPFOVmt98fdz0hopUu4yoObnwnPXGwSF%2B0ADDvf%2F9hNaLWMpR3eQDM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c8909783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1542,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"80c68d2dbe70d29d35f7ab7dbddb5fc8","sha1":"fd810a3b0c2b253b39b701b1bd96d3bf7cc6c49e","sha256":"4b089a057b495f7676eebc4b496f5946fd1b7d00395b10e8cb2c088d28a189fe","sha512":"2f00f0649d2ac2102106c9a4fa751e532aa1080b7a806ea3ccd2e9acf1d7bc5c189f7dbd584fb29721497f52040344255bc164756a68e9f6470fa559a9127ef7","ssdeep":"","tlshash":"9431e78920364d5bbc03f44d636083803df26e9e7e0217abd79b8d06491e252471dc81","first_seen":"2024-06-29T17:47:25Z","last_seen":"2026-04-06T08:44:27.539454Z","times_seen":165,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":36,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis-data11.tcgfs39a2.xyz/api/common/params","fqdn":"apis-data11.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:50.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apis-data11.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:42:11 GMT","end":"Sun, 28 Dec 2025 14:41:59 GMT"},"fingerprint":{"sha1":"4B:02:F1:58:67:AC:F8:72:FB:80:B1:A2:62:DB:3B:14:97:ED:2C:74","sha256":"4E:CB:B6:AD:15:2D:4D:6A:14:CB:76:ED:1E:70:44:63:F3:EE:07:F0:0D:85:D0:6C:7B:6E:61:99:F6:B3:4C:22"}}},"request":{"raw":"GET /api/common/params HTTP/1.1\r\nHost: apis-data11.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.fctv33.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nsa-host: apis-data11.tcgfs39a2.xyz\r\nx-request-id: 313161e2e_2109f6b1a2d\r\netag: \"0aaea98f202bf463ad9a894ecc81f6ae1\"\r\nrb-port-server: 0.002\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: *\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\ncache-control: public, max-age=60\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\naccess-control-expose-headers: *,Content-Length,Content-Range,rtimestampunix,ruserinfo,rb-session,rb-ray\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=myjiCF0KCCb5qmDbv2M%2BRVVj21u4iI%2BEzhsieVyXE1k2hsfT4QOeg7gP%2F7f7JGuJLbXctZacokWygJRu9ppmQ8flNmR0ztNaHQBeVnSype1xEP6r2hBO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1ae28ba712b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19361,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (19304), with no line terminators","md5":"93d7984ef9b4384ddb76282403db1777","sha1":"d6c7964e6feca96546de2f1dc90c93f0d3a18c81","sha256":"a6857e32623234d22f89030d1248356d4ebb843923175fac31dda24671c27e8f","sha512":"9b7c2ee07301194446bdb73cd497e0106d1134780502d27ecfe98ba9a0611cc9d24f93297d68455a19430f0f5822222d4acea43f44003d8a720e64bd35bacee9","ssdeep":"384:yns1VOgiWNROymPd0Vbg7pqYOwa7JDMExkKQl2JJoeG/Nx0lx0ulrZWHijm5AFci:muNYym2bmm7QhO8a7diV/Ro","tlshash":"339274dd8e9219293cc820550128f94eee0daeba28739e75d00f6b0dd46fb2714f79b5","first_seen":"2025-10-05T14:44:22.543845Z","last_seen":"2025-10-05T14:44:22.543845Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10367,"timings":{"blocked":5073,"dns":5057,"connect":3,"send":0,"wait":221,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"apis-data11.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.rbtvplus.com/","fqdn":"www.rbtvplus.com","domain":"rbtvplus.com","tld":"com"},"ip":{"addr":"104.21.50.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-05T14:43:49.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbtvplus.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Sep 2025 18:22:59 GMT","end":"Fri, 05 Dec 2025 19:21:29 GMT"},"fingerprint":{"sha1":"C9:3B:B2:6B:35:48:E3:1A:3E:36:63:7D:93:9B:A9:E1:77:CB:80:27","sha256":"A9:83:B4:D5:38:D2:07:5B:C5:51:ED:C9:A1:70:84:31:B0:08:81:D2:1B:FC:58:8F:BB:3A:46:34:B1:D8:B3:28"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.rbtvplus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\nlocation: https://www.fctv33.buzz/\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D5lCDYrQKqqU0HhD8WHRw1zQ18h0MJR3IAJE2YnyFLufzk614OtO%2BfN0R4wWGX2tfAM2giK9GEtQIjzeDDAgSCh%2F3LdE5bfKXcVPSyVX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 989db18a991e56a3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":68722,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":361,"timings":{"blocked":178,"dns":0,"connect":3,"send":0,"wait":5,"receive":0,"ssl":173},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/js/mtg.js?v=2","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fctv33.buzz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 08:13:26 GMT","end":"Thu, 27 Nov 2025 09:11:09 GMT"},"fingerprint":{"sha1":"2D:92:E7:D0:6D:8F:73:5F:50:B4:98:5A:F9:43:56:CA:2C:72:6B:F7","sha256":"73:81:C5:89:7A:D9:BD:57:7A:36:4D:EB:84:2D:F2:8C:6E:DD:9C:69:3B:7C:50:D7:4D:2F:FB:66:9E:83:C1:A3"}}},"request":{"raw":"GET /js/mtg.js?v=2 HTTP/1.1\r\nHost: www.fctv33.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LYjd5%2B7IO7w6GCE5f8LYyahYiwNbth1Au0Ns8Y4hf2ackzXOduodDGcEcbd3cX1ww%2BRrqSV1FeTF7Kth7YeKyeBpnFeF7QW4F8A0drXc0Q%3D%3D\"}]}\r\nlast-modified: Sun, 05 Oct 2025 13:07:42 GMT\r\nage: 445\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 989db18c283da41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":351,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"ec69d6340f06231b3176a610695d3c6d","sha1":"7545891318097ff79b293b9cc3d3bcb68a0619d0","sha256":"5e6f4fc27aa96f524f3ac23d099a1f2f3c29c30f4f942d634139995652916bb4","sha512":"c053a155ffda4f89b5d75a54eeb2d83458c78eb84fe57950945449b4298a47f61e2c53f1ddf946a146629f50fee55ab554a57ef48ded631911f63de86e18889e","ssdeep":"","tlshash":"e8e0c0da70510871b5ae86b573b5a1247153550cb4191922cdfdc824681c987482208c","first_seen":"2025-02-02T18:21:06.747357Z","last_seen":"2026-04-06T08:44:27.512806Z","times_seen":142,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/css/173b94d52.css","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/css/173b94d52.css HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9185GA8lBaCq6e%2FZPgH33vU2awMUANtiE291nTW9PzknOLxi0tGC6vVNDKYPaWGj7ZtwPHcdGM%2Bjz%2FH9%2B3MeIv15hBsbGLW83VU5jF%2B4b939XDsBq7g%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c78e2783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57434,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (57426), with no line terminators","md5":"344e1929ef503c8a269ea518249701a5","sha1":"cd4aa3d4cfd6bc2907fc88b5cff50419c510ecf5","sha256":"badd5b1b6aa0cf8b28b1cdcf0b728d3785d3f481925e35f859fb6260c269f198","sha512":"4910e052974114eee9aad350d0e86098a0faa799f2a619942ce36aa93ca5d5866d3f195499d774d04a83030d3ed22ec99e3305f303ea9466ed833bd8109a0fb4","ssdeep":"768:CnzwKWWfJ+Yh+YhNPTpfa3kOOPGkmXYhqYhKO3X+Xh:CnzwKWWf8YQYvtfa3kOOPGkwY4YH+x","tlshash":"7f43433f5192131ca5179c210f9c2a12a7e6c863e31363fed9916a3acbd7f46167260f","first_seen":"2025-10-05T14:44:22.545827Z","last_seen":"2026-01-11T18:57:01.997225Z","times_seen":33,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/css/25b2c269a.css","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/css/25b2c269a.css HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9e%2Bh3bLergZp2hHLZYi0%2B3pVy6tnUfBQ6mQdbOWqW2a2f5SjLkedkImk1%2FXjQCUt6QlhQeOxLopfeaPdp7%2FXZCVJcsnq%2B7pPk302ywk9AE%2FJ%2B6%2BBvmU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c8903783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":341284,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (65526), with no line terminators","md5":"ef3d48bb0f9ddf0bf30c8ba5418df2e0","sha1":"079d4ebd702d4e138826a45f271a303f9e6df700","sha256":"f8aed495947d89163344e0bfa3ec0cde5569e1b92e4d2a4c091625719f4e28d8","sha512":"c5b11b2efad4a5c14754f1253e719588ee3e27644afa5e3ad0aade5688ce14804bd417ed6951976ffd31a89fd0804f4b2bad86bd2eeb6e27c29db1ef30a26e63","ssdeep":"6144:YreVtuH9k0bH/O9g2nldu1n7jE9Scb1dkn9qI5:YreVtuH9k0bH/O9g2nldu1n7jE9Scb1O","tlshash":"2e74753b6156272c9137dc210b9c2601abd5c963e212a3fcd9a06b39cfd7f86177364a","first_seen":"2025-10-05T14:44:22.547032Z","last_seen":"2026-01-11T18:57:01.979865Z","times_seen":33,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/webp/icon_apktv.webp","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/webp/icon_apktv.webp HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8050\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:06 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 28338\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BaJRWju7E%2B06AaiZCks9f6%2BDb4huND2BQDEUALnoIGFUk01ODSjTzhzsZFQGS8cz0OYkwf9He%2Fw0Gl5J2Z6iPNBJxOwpAe0GLDHxEhgKg0EMwFa%2B7ac%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c8907783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8050,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b8072e44ed0728849788b0fc2625fd17","sha1":"30ff7a4919270a2189dcd307266653fe094c8a0c","sha256":"82f0aba4e16bb1d4eabe75a535c0755de8e4598b83ad8c0a2250b1d2dfce8e0c","sha512":"e1504fcac00cbd7e8af4ddb0d15c3676217b779561b8148c4e83ddeb39c87e6415385b4f63f3e5608957e6fe1e1faae0853a7e34214f674ce95a5c504da1c01b","ssdeep":"192:rwTJM3CEKOUtGf94nAmVr3vOZ+zIdIoBZeMkzlMNF3utXGNdIb:rwT6gOUkf90AmNfOZsNecBz2jy","tlshash":"baf19d10b393557ae307023a40e80566eb67af49631b96e3e3d24a70b9cc1b21b0b94b","first_seen":"2024-06-29T17:47:25Z","last_seen":"2026-04-06T08:44:27.49137Z","times_seen":165,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":36,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis-data-defra11.tcgfs39a2.xyz/sfver8896667021ff6c2ff42fdef9fd0bddd0/api/match/count","fqdn":"apis-data-defra11.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apis-data-defra11.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:41:28 GMT","end":"Sun, 28 Dec 2025 14:41:27 GMT"},"fingerprint":{"sha1":"D4:E0:E2:2A:77:82:32:8D:4E:16:CA:0A:19:A9:BD:5B:69:CD:5D:DF","sha256":"E0:BE:3D:ED:50:D3:A2:F2:0B:C8:9B:C4:55:79:D2:84:A0:28:DF:B8:4B:D1:DD:55:5F:E2:94:0C:F9:46:9C:F8"}}},"request":{"raw":"GET /sfver8896667021ff6c2ff42fdef9fd0bddd0/api/match/count HTTP/1.1\r\nHost: apis-data-defra11.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.fctv33.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nsa-host: apis-data-defra11.tcgfs39a2.xyz\r\nx-request-id: 779162835_19457491a2d\r\nsa-cache-status: HIT\r\nrb-port-server: 0.001\r\naccess-control-allow-credentials: *\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: BYPASS0.003, STALE\r\nrb-ray: vaBzihdHklq-60-HKG, aCplghdDelS-60-FRA\r\ncache-control: public, max-age=60\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nvary: accept-encoding\r\naccess-control-expose-headers: *,Content-Length,Content-Range,rtimestampunix,ruserinfo,rb-session,rb-ray\r\netag: W/\"0d8ebf581bf8abd4efe1be2f4ad2fb468\"\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FuJxsOuJe3z8ziiJKEufL1%2BGtJ4kQU%2B7AiZ9BpqJpoSQ2agN1Vwm1L42OdWyON5GqXUFXP5ssYgtSLho7MtEDNqoZA%2FwRe05m96VZ8LSWJsxU%2FjwTDXN0WGnfQ8pJ%2Bs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1b1ac375a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":104,"size_decoded":0,"mime_type":"application/json","magic":"data","md5":"84092244232899968dc4d6138b7c0425","sha1":"25d47d090f5ca39f6a171a6604d4d820f0e55c92","sha256":"833f1afe381078c09b6fbb5271db310b90b9a6915dd44e6df51b01bb7676f210","sha512":"3a44093bbbbcb349ec4fe91b8665817a48fe8f39feb53de4ad054f23f8c8e06f24c487ffdf9785ce71a249d84fca92a4b95eb8109cb01c6ca5e9afdd9c9d5163","ssdeep":"","tlshash":"32b01221076310ccc7404f6856d27fa01060543951013dd4d1c10008c21002c101b74f","first_seen":"2025-10-05T14:44:22.549994Z","last_seen":"2025-10-05T14:44:22.549994Z","times_seen":1,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"apis-data-defra11.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"logos2.tcgfs39a2.xyz/aelogo/country/ger.png","fqdn":"logos2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"logos2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:39:41 GMT","end":"Sun, 28 Dec 2025 14:39:25 GMT"},"fingerprint":{"sha1":"07:D1:03:98:07:0A:D4:71:95:DB:B4:08:6F:25:00:C4:D8:9C:EC:C3","sha256":"E7:3B:FD:EC:A8:B6:AC:97:6F:2D:2E:51:D1:B0:44:69:46:FA:D9:49:B2:07:9F:CD:93:B1:F6:69:23:A7:E4:D7"}}},"request":{"raw":"GET /aelogo/country/ger.png HTTP/1.1\r\nHost: logos2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 666\r\nserver: cloudflare\r\nsa-host: logos2.tcgfs39a2.xyz\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-oss-cdn-auth: success\r\netag: \"2D20C856455F13ECBB6786DFDA113BF2\"\r\nlast-modified: Mon, 01 Nov 2021 02:44:11 GMT\r\ncontent-disposition: inline; filename=\"ger.png\"; filename*=utf-8''ger.png\r\ncontent-md5: LSDIVkVfE+y7Z4bf2hE78g==\r\ncache-control: public, max-age=2592000\r\nali-swift-global-savetime: 1749529115\r\nx-swift-savetime: Mon, 22 Sep 2025 18:28:53 GMT\r\nx-swift-cachetime: 22499382\r\ntiming-allow-origin: *\r\neagleid: a3b54d9f17585657339345510e\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tVueS1GOB%2FPn8E9rYkXVqxC9P4qiDXzLnXVolrWw6XxglK2OcfLYlbYtsan9wvwh7YiJ53MFwydXhmmPsEfiLba7GqfprsHAk5L57g%3D%3D\"}]}\r\naccept-ranges: bytes\r\nrb-cache-status: HIT\r\nrb-ray: kexoleswlaed-30-SIN\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-cache-status: HIT\r\ncf-ray: 989db1b1f9180daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":666,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 333, 8-bit colormap, non-interlaced","md5":"2d20c856455f13ecbb6786dfda113bf2","sha1":"40cdb0bcec18f98cd402675a63b61dddafbd856f","sha256":"bf0b49939791d5e8fe15dc7d5f038c51f80b00926205b0ed81199bcae0bc660b","sha512":"7d2b5cee8d7ff1f9b6b467d3d5910030cfeb9d640c2052568043055815366f11b0f6cb7a1d4d1c2e393c76a06bcceff14b241fdbacc974b367f195a4feb88cfe","ssdeep":"","tlshash":"8e01328f4fb0ae549b32c7e9f673308c92c7c23012add46068f38e31d8009c98256073","first_seen":"2024-08-20T12:30:07.888216Z","last_seen":"2026-03-22T20:17:25.117215Z","times_seen":22,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"logos2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"logos2.tcgfs39a2.xyz/aelogo/football/team/3ab85cf20a3ed001a60a9fcd8ec09afe.png!w80","fqdn":"logos2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"logos2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:39:41 GMT","end":"Sun, 28 Dec 2025 14:39:25 GMT"},"fingerprint":{"sha1":"07:D1:03:98:07:0A:D4:71:95:DB:B4:08:6F:25:00:C4:D8:9C:EC:C3","sha256":"E7:3B:FD:EC:A8:B6:AC:97:6F:2D:2E:51:D1:B0:44:69:46:FA:D9:49:B2:07:9F:CD:93:B1:F6:69:23:A7:E4:D7"}}},"request":{"raw":"GET /aelogo/football/team/3ab85cf20a3ed001a60a9fcd8ec09afe.png!w80 HTTP/1.1\r\nHost: logos2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:56 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3152\r\nserver: cloudflare\r\nsa-host: logos2.tcgfs39a2.xyz\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-oss-cdn-auth: success\r\netag: \"B931BC3A8C6A8728DC6BF30D6B0A625F\"\r\nlast-modified: Fri, 19 Jan 2024 07:24:46 GMT\r\ncontent-disposition: inline; filename=\"3ab85cf20a3ed001a60a9fcd8ec09afe.png\"; filename*=utf-8''3ab85cf20a3ed001a60a9fcd8ec09afe.png\r\naccess-control-allow-origin: *\r\ncontent-md5: uTG8Ooxqhyjca/MNawpiXw==\r\nali-swift-global-savetime: 1757867498\r\nx-swift-savetime: Sun, 14 Sep 2025 16:31:38 GMT\r\nx-swift-cachetime: 31536000\r\ntiming-allow-origin: *\r\neagleid: a3b54daa17578674981405875e\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6nWjmL5NzA8gbYvtqPcqx5lupoKrWY77kXUdQ88dmmE3YAASEjlaaq5dkbQFGzeMDPmVDHBGy9qwKKYyYsfoCnbR26cjU6i3Rufngd6c\"}]}\r\naccept-ranges: bytes\r\nrb-cache-status: HIT\r\nrb-ray: kexoleswlaed-30-SIN\r\ncache-control: public, max-age=2592000\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-cache-status: HIT\r\ncf-ray: 989db1b1f9160daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3152,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b931bc3a8c6a8728dc6bf30d6b0a625f","sha1":"54f36d5431b636ff8aa53b4c100c6f388ed6186b","sha256":"fcf1af90bb423778a6b99c38b5fd833e29712ddb5ab506e079e9d58f3b93866b","sha512":"c52b1bff0f7c6e9de0553d895918d776c62881383ce909e1eb5dd595fc3589a5825b4655462898cd4f53638c329cb450b49cdd74af3aed33b2a4b9da4c408d9e","ssdeep":"","tlshash":"23516c84a0e3e6aac646980f2e9173d6b8fde10b630047f7b03738454f5e06907083cb","first_seen":"2024-10-04T10:54:01.037436Z","last_seen":"2026-03-09T03:44:41.476398Z","times_seen":38,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"logos2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/410c85393.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/410c85393.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dI73lcpTW%2FFsRW5YnWZDnp3XXwmTkLQlm4NXvow7eHLX53EFX84uCEqhgWLAyK5JMaDIJyYm4xdkoJ7T%2FpEuCU8XRrHQsEFQ7p8F8mD0V2GuLZNaqp4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c78dd783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9140,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9140), with no line terminators","md5":"55439211d3215c8e400a46c1e281ec26","sha1":"82b90d06c911ca315ee99463c966da93cbd5ed67","sha256":"8cab7c3195c23631476cdeabfb85181f0abc8027dadac886b1e91831b57f7940","sha512":"89c8b8fd81709c0e9fb4026bd5c9a4dd0b24123012efbef44017808f55bca6e6f51f24d9cefdaf5070fc1f5aaea2667c0731405c24a412db4bdc424e653e748f","ssdeep":"192:jE/9lNw/kkbCSewWJd4oW/kkbCS0Ujb9S/CFScGLoKOgsdQagp:2NakKbewW8xkKb0qSkTgp","tlshash":"68124292b318fd78d679a22bf3312055e83991a3c1dbdaecc036fc50f958b446e505aa","first_seen":"2025-10-05T14:44:22.552482Z","last_seen":"2025-10-20T17:32:58.157598Z","times_seen":7,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":42,"dns":36,"connect":1,"send":0,"wait":10,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/webp/icon_st_live_active.webp","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/webp/icon_st_live_active.webp HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11366\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: HIT\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:13 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 26762\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P3Fjawdg5GjWf%2FHY1%2FdkQg8r4zviSkzjDI94QEWnd%2BGRlHJ%2FD0Csqv2%2BShhNr%2B14tLKi9WFA%2FvwueFAzVh9LV7QqQDZsLpqP1k01jGL%2B56iwG7SU1ac%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1b03872783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11366,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5b0de0136c71d8f1b9642ad0497ecd8c","sha1":"3e9e9674f4997b577f518a4c9bfa246dcf86c4f3","sha256":"a26ca8f54630317d041a33517cb92094441eea8d8101fc0e9ab21ea6cceaf1f9","sha512":"5893dfd3324d8288db7c724e550c13043e9fffe30ed1fbccee1c76b545996f1884b236df32749cf547c5665ca114c74f628ed1d71a827e52f738079c6dcbfed5","ssdeep":"192:buwTg+1VfIcUsWkFnT01/5tCgAPKc9SNFMAUPlNOAlcfLViuSWJ+LZsoQkZmM:buwTg6Vvp90zogsKc9SNnulEdVipW0sY","tlshash":"4232af0616a8818bde4a823455319dc1ffb274f2093d90f64fa7ae08681b7c969bcdc4","first_seen":"2024-08-21T05:28:08Z","last_seen":"2026-04-06T08:44:27.529756Z","times_seen":131,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/webp/icon_st_tns.webp","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/webp/icon_st_tns.webp HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11214\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:06 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 28343\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sMVeyW%2Bai99lvDdPI%2FVoep7ABzY2m6Xzfb93H50qdh3HOOBJQzU%2FRAWsBYap4nBWOklqCcKB4LDLG2nfxxVPnihFM%2BzAzeepvHEMY7xh9R7zG5jKrvM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1b03876783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11214,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fa93b4932a79a2b904363a3263409837","sha1":"e4d56834dec9b360a44c834da6df70e2103c3c88","sha256":"0b7ba9c1d5c692b6757842b60a3589b6c1b62893f97b055e322ff4a01d5df459","sha512":"56b2ea592d48e589697c43c274f040403fa3af4ed82aa99d120ac4051ff94197b446e89a15588314d57ebe47c210dd7d26a098a64c18abefe534eee18e38528f","ssdeep":"192:5JJNEmpJkITcH8BdCkeOo+VcORacsDCrmt+T5DVPjcjFjjyC7f:57KIVBUkeOHOOuIa+VVPgjByG","tlshash":"2932d098d30b3633c62ea525798a4357dd6ecbb4cce7690b2ae202347cde7554448ee3","first_seen":"2025-03-28T18:40:52.579246Z","last_seen":"2026-04-06T08:44:27.541138Z","times_seen":124,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/fc/web_logo_fc.svg","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/fc/web_logo_fc.svg HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nsa-cache-status: HIT\r\nlast-modified: Sun, 05 Oct 2025 06:37:09 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 27237\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=koY3RlagiPFeSoQ6i8%2FZ1sBhEbQsvBXdGGot0LLKKXZK2R0d6ADWzz%2BqSHYtxdwu5Fc0XPVAublre%2B3vlUgjsMfqTDkO6erxXCkOM7AYFgBdGSAFmMw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c8905783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3489,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6b5a6684f65e079040e2f7dd2546006c","sha1":"b282d2742a9b03cb586de69cdfdde1cf2b89e831","sha256":"728520b1aa63f59d676051416ce5f41249e0791dcf4140cb3d98c67f43dd836b","sha512":"cf3d475fb352c35ceabe5c07f46d0c2d7bdc5285f1303cb102e622b996fe7bfdb01ebf84bbc1bd17accdf838665b8b415b30f5b9fe49057704fc6b6178356a01","ssdeep":"","tlshash":"8a712296933c43fce58646548a38607336f2a4ef7574e2ecd633aa51a6c6bf04074878","first_seen":"2025-07-23T04:34:24.830315Z","last_seen":"2026-04-06T08:44:27.511752Z","times_seen":65,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-TXMZ5WN2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"GET /gtm.js?id=GTM-TXMZ5WN2 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 05 Oct 2025 14:43:50 GMT\r\nexpires: Sun, 05 Oct 2025 14:43:50 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Sun, 05 Oct 2025 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 107082\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":314275,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5198)","md5":"3db5abcec2c404fd26198b3e13286d14","sha1":"bb9f8371dd66abbbc6b98a01f27ebe2d5dd6670d","sha256":"f50dac7a315874300dd1836fcf8e5ae0bb9dfb2c988fbeecb309e561ba59d5d2","sha512":"248812838b01d0d061da150a3200dc465910fc2ade08eb01a1af471e2413bc5af7f4a81f1c005110965dfbb1e5dd6cda21179f657c0390ec7f7ac5fc40af3770","ssdeep":"3072:JbcUV2o5qmTaksb0GIOU3Ty9durXx9COvCVJ+cvXIcEgk6dSLd6I/suNDCwZG:jZTzDyYvRCdwtgk6dSLd6g/Cwo","tlshash":"ed6419cdb3d6b46283a3a478403f018bb17b68d2e44cd895f185d8d42e74aaa4277f7d","first_seen":"2025-10-05T14:44:22.558054Z","last_seen":"2025-10-05T14:44:22.558054Z","times_seen":1,"resource_available":true,"data":null}},"time_used":233,"timings":{"blocked":0,"dns":0,"connect":8,"send":0,"wait":28,"receive":19,"ssl":177},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis-data11.tcgfs39a2.xyz/api-cf/common/timesync","fqdn":"apis-data11.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apis-data11.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:42:11 GMT","end":"Sun, 28 Dec 2025 14:41:59 GMT"},"fingerprint":{"sha1":"4B:02:F1:58:67:AC:F8:72:FB:80:B1:A2:62:DB:3B:14:97:ED:2C:74","sha256":"4E:CB:B6:AD:15:2D:4D:6A:14:CB:76:ED:1E:70:44:63:F3:EE:07:F0:0D:85:D0:6C:7B:6E:61:99:F6:B3:4C:22"}}},"request":{"raw":"GET /api-cf/common/timesync HTTP/1.1\r\nHost: apis-data11.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.fctv33.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\nserver: cloudflare\r\naccess-control-allow-credentials: *\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\ncache-control: public, max-age=10\r\naccess-control-expose-headers: *,Content-Length,Content-Range,rtimestampunix,ruserinfo,rb-session,rb-ray\r\nrb-ray: kexodfaehKlM-0-HKG\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nrtimestampunix: 1759675435\r\nsa-age: 68\r\nsa-cache-status: HIT\r\nsa-host: apis-data11.tcgfs39a2.xyz\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2lGwJf6i3%2BSZrRUQ9VBgsp16M9471OAHitaxmwE8fZiv3RvCD4d%2BxAHVxQnCp6G3iBrc46m3mmBeqWBmi0jkhCGMmRS3BpgKBqDwN23Hh6ugOfBm%2FJvy\"}]}\r\ncf-ray: 989db1afca11712b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"apis-data11.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/css/5eaf6443d.css","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/css/5eaf6443d.css HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tXb6NhuifSS9ZqaibIqgrx1QnSgib33F8oM28D7H%2FR4i%2BCs%2FPotKqEzuSDHp03B7ZoMRWAq%2BHp4SxGOOsP%2BmRSiGn9TI4%2B0wBSMsdyF8R7XKSoHJiJw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c8912783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":100296,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"32aa4521f05a0f601bb788c04ff908f6","sha1":"9b8a6c7974b02ca8f4f9907cb838ee7d6b388ed8","sha256":"736b27e77d3e155ce0ace0dc38720c0c8d4f068fddb29b53ee7b2cf6a39e0469","sha512":"f48b6541ee044e47e95f15fa2791ae581b36268c6bd8d82606f16dceef9ddeb8f6ed7694c5a4500f2d9b2db2a9e288884af9fb89e0d5bebba2f1cfe8dd537536","ssdeep":"1536:V6QbFNJ+jqkiHcarx3WqyrtpqoSWEDZornzwKWWfcYNYvT:VZrxmNH9yDRT","tlshash":"daa3e77b80c5129cb31bcc118fcc6694e6e6d423d6414ab9f0556a3d8fdbf890267e2e","first_seen":"2025-10-05T14:44:22.55954Z","last_seen":"2026-01-11T18:57:02.004134Z","times_seen":34,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":45,"dns":36,"connect":2,"send":0,"wait":16,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/dbcb5d1d92.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/dbcb5d1d92.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SFSNdOhnKjYdTAvRQ2YLkvb1L%2FNu2RSgw1McCY%2FJXX3RqLxZlNSA5CwIRpezOYcR385nRjias6W6eANuFB%2BJXOQOe3BgbIQnl%2BaZuzcSmdM9UZJm3Jw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c78e9783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9346,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9342), with no line terminators","md5":"7a0c664a32fd20909c2f0719d3b9add9","sha1":"76f20f5bcd846a262b756647e58c8f954e97120e","sha256":"d0a5f105873d364ac97a5ab697d3076b94453c3c98ee6b3e03212a22b4c71f8a","sha512":"479c1bfb9656254e5869f1cff0e1baa9c983b460fbe481b5202244f9f16c51ff758eeff1e6a4046d0aec3951efe2b87883d57e41d5770fe27fffd300090c3efa","ssdeep":"192:WrPfOF3kGohwGrfnR0cok2nriQ9nPiB12Qu73ykCJyIctctZ4p:WrPfOF0GohwGrZ0++iQpiB12j73yyxu0","tlshash":"6d12b5b86574d3bc13c906b7e9f66120a9b9044eb44de8b0f0bd8d75bb72708d89083e","first_seen":"2025-07-23T04:34:24.856507Z","last_seen":"2025-10-20T17:32:58.180439Z","times_seen":12,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/css/0e5e381b2.css","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/css/0e5e381b2.css HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ehYjFzsOq4hsywXH9pV90Ylj9sK%2BysB8Mz8vW1bV999NH2n52aGI1DIdZlIhM%2FJ3SyTykzxotHfifxUgbRHjSKm1AJAs%2FXBJS987Zz36NGlXiTEDPN0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c88f8783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32772,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (32768), with no line terminators","md5":"3d25dc4588d1c91d473b8950cc6ad404","sha1":"42ec69dd6729199d386aae00d5c9855edb685b27","sha256":"1151d719df1bd74856e31a62d903683ef12b8bfb24a3bba2b5aef1cf36cdbb6a","sha512":"81884aa252b7e1ae7919d34d18fdd60a0a03f8cf44bfeaf3d78c8ce1356efe1c01917cbd0b708a458242b3b0e6c551ec7f181a6f8f994285a93deb379f8c27f3","ssdeep":"384:RclW5Jo7zDRYhN2YhErz1p1L4z7nOu74QMzsQX8alNZZr2SlwV0v0iHK:RclW5Jo7zlYhwYhErz1pJs7Ouwug7k","tlshash":"16e2341782913b1cb537ac640f696b5595a4c867f21223fdbda27e38c3d7b8106a234f","first_seen":"2025-10-05T14:44:22.563423Z","last_seen":"2026-01-11T18:57:01.998565Z","times_seen":33,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":38,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/css/e4d6e9cea.css","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/css/e4d6e9cea.css HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6tWNKTTH7cjwZ3k%2BNnRUQvhO1JolBLS1rS4SSl9V2bOLlunhXEe2P3On1NoaUcZIMgcBNxzdVLno2jiYQiUYTlB%2FyFbXDWl77xxgI22V22DNTWW5Ohc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c8901783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25572,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (25568), with no line terminators","md5":"9f4f8b09075797f19278bbb3e6bb5002","sha1":"d3e1178a4830e2ed026f9b50d94b0cd9e848f02a","sha256":"4f0f0089122695b95c8d93644a36920a1097f02b7142a28630bf31e545837ce2","sha512":"07402a6336747afae6a378716e60d20b31f5850cd58b1ff9e2ecfdff01b53c1dc4d2d5639214c4e91270fd3cfb59c075ed17ec5041ce94401bc1991004f93dd0","ssdeep":"384:1CfOltCiv6zbDifEYh+RYhRWb5RK6cfPgREQTn:1CfOltCiv6H+cYhwYhRcn/rTn","tlshash":"39b2515f02512f2ea927cd6d0ba92e9a5665c537c71b23fc98523e14cbfbb4106f2306","first_seen":"2025-10-05T14:44:22.565112Z","last_seen":"2026-01-11T18:57:02.004872Z","times_seen":33,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis-data-defra11.tcgfs39a2.xyz/api/common/bs?code=100\u0026sportType=0\u0026stream=true","fqdn":"apis-data-defra11.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:44:02.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apis-data-defra11.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:41:28 GMT","end":"Sun, 28 Dec 2025 14:41:27 GMT"},"fingerprint":{"sha1":"D4:E0:E2:2A:77:82:32:8D:4E:16:CA:0A:19:A9:BD:5B:69:CD:5D:DF","sha256":"E0:BE:3D:ED:50:D3:A2:F2:0B:C8:9B:C4:55:79:D2:84:A0:28:DF:B8:4B:D1:DD:55:5F:E2:94:0C:F9:46:9C:F8"}}},"request":{"raw":"GET /api/common/bs?code=100\u0026sportType=0\u0026stream=true HTTP/1.1\r\nHost: apis-data-defra11.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.fctv33.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:44:02 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nsa-host: apis-data-defra11.tcgfs39a2.xyz\r\nx-request-id: 397162b2e_210e5291a2d\r\nsa-cache-status: HIT\r\nrb-port-server: 0.354\r\naccess-control-allow-credentials: *\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: BYPASS0.357, HIT\r\nrb-ray: vaBzihdHklq-2-HKG, aCplghdDelS-2-FRA\r\ncache-control: public, max-age=4\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nvary: accept-encoding\r\naccess-control-expose-headers: *,Content-Length,Content-Range,rtimestampunix,ruserinfo,rb-session,rb-ray\r\netag: W/\"0ec82c0581a1d5d294876daa8d0ac850f\"\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EWScHFLrVnnG8ucSI%2BPgZwcRj5%2FSwGCyhb9D8Es3VnfcEFc2flFBxogiT02QxPhbBY%2Bfc3KNmI%2FLJvSQzY7Mf20s5y%2B4dpj70g9wPrW9M648vknxXRtNwgFt4kgSZg4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1dd6a195a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49,"size_decoded":0,"mime_type":"application/json","magic":"data","md5":"ec82c0581a1d5d294876daa8d0ac850f","sha1":"03f860447a4a000ddb6392e63e49459de0aacae4","sha256":"c2941424e2adfc015e7f5b3d414533f7abbf01c14804fcdd4f60fb24d13ab49c","sha512":"b2f8d8664f7ca092cb63fa125ace777ad9dd25ef0a35c848f60cde3a4918262b2c2c5b19a30bde4ae7f6e2b97107f979d600e9deb29ced02c9b241bbb9d7a11b","ssdeep":"","tlshash":"3f900215428119ec12a565104444a89024444c634a08526ad85b08090565d2131d7250","first_seen":"2025-10-05T14:44:22.5334Z","last_seen":"2025-10-05T14:44:22.5334Z","times_seen":1,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"apis-data-defra11.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-RWYKQ7ZE0Q\u0026cx=c\u0026gtm=4e5a11","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:50.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"GET /gtag/js?id=G-RWYKQ7ZE0Q\u0026cx=c\u0026gtm=4e5a11 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 05 Oct 2025 14:43:50 GMT\r\nexpires: Sun, 05 Oct 2025 14:43:50 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 126803\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":363542,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"2db70dd429fa78d6eaa4f057fc5a86db","sha1":"d17c61928448c805018088b0542ffa74e6e166a9","sha256":"a2ed51d30adfc84f2f11a3db4af9fbab3433ac345f19def6c9909aaeeec6d800","sha512":"3e6b6fe925ef79f6016b215297f40ff84b8ce1c2e408ae112ec9441335cb3aee37c6a6ab9b4cdbec67bcf0237c9eb76560b71376c2e90b34ab1dbfc0c835bb8e","ssdeep":"6144:xlZTP5DyYvRC1cZwtgk6dSLd6gzf1X+6VSK:ZbdtvIcZwhOK","tlshash":"137419cdb3c670665392a478903f018bb5bb6892f44cc899f186dde42e74a9a4137f7c","first_seen":"2025-10-05T14:44:22.566746Z","last_seen":"2025-10-05T14:44:22.566746Z","times_seen":1,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis-data-defra11.tcgfs39a2.xyz/sfverbb3711b9939f4fac19e591babeef066f90e9ec/api/match/live?sportType=0\u0026language=0\u0026stream=true","fqdn":"apis-data-defra11.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:44:09.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apis-data-defra11.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:41:28 GMT","end":"Sun, 28 Dec 2025 14:41:27 GMT"},"fingerprint":{"sha1":"D4:E0:E2:2A:77:82:32:8D:4E:16:CA:0A:19:A9:BD:5B:69:CD:5D:DF","sha256":"E0:BE:3D:ED:50:D3:A2:F2:0B:C8:9B:C4:55:79:D2:84:A0:28:DF:B8:4B:D1:DD:55:5F:E2:94:0C:F9:46:9C:F8"}}},"request":{"raw":"GET /sfverbb3711b9939f4fac19e591babeef066f90e9ec/api/match/live?sportType=0\u0026language=0\u0026stream=true HTTP/1.1\r\nHost: apis-data-defra11.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.fctv33.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:44:09 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nsa-host: apis-data-defra11.tcgfs39a2.xyz\r\nx-request-id: 125162b27_19455cb1a2d\r\netag: W/\"0835c55ffc6b316a1224d8071d7f9fa07\"\r\nrb-port-server: 0.003\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: *\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: BYPASS0.009, HIT\r\nrb-ray: vaBzihdHklq-60-HKG, aCplghdDelS-60-FRA\r\ncache-control: public, max-age=60\r\nvary: accept-encoding\r\naccess-control-expose-headers: *,Content-Length,Content-Range,rtimestampunix,ruserinfo,rb-session,rb-ray\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 6\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nx6oXrNKLwrm06Fx3T%2BVBlbWWKZVOwbMWY%2B4QTb8jtz0L3LsV1agkSyFpELvTdPhhwIb7eBcvuZFCklbzusvC01ZnDCpg98%2Fm7FZb9kOdeCEqnX0kAwkbvsdnaIpR%2Bw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db2093f525a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44925,"size_decoded":0,"mime_type":"application/json","magic":"data","md5":"e75980a619aae02f34f5ebcb39add56e","sha1":"9ba62830a3c0283c03090e679912940f6bac60ae","sha256":"bec2717699e8b22284678384fd11d7c9ae9dce8129908402071daa31141c904d","sha512":"8b421f03865ab9dc17e1ff13e9999f29562dda5d71bc50624a3d00673687f69f112021865f79a4b72e77a6c3b4669060e81e0c9849fd089589a5562ce298a9f5","ssdeep":"768:PHJnuphvNxw2XwbXoC2puLlustZSSSSSTG:PpwVjw8iXoTpYvtZSSSSSTG","tlshash":"712366ff15ec1b712bef26ef43a3236e84a206c9a9e6703afc51510581bda74458fc64","first_seen":"2025-10-05T14:44:22.568401Z","last_seen":"2025-10-05T14:44:22.568401Z","times_seen":1,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"apis-data-defra11.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/93f8a4e7190.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/93f8a4e7190.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z4wt%2FmQMoblMMOma391UZyL7BTLBHd9lTyoc75agzctkJaU%2BAB2SHfuyvKpS7cuhRT70hvtkzgjSci5SYaz6z%2BpyafppCd0R1GeOIiiE%2BWkDLpsaSOw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c8914783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":459493,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"900a3e4d2e3736ce6b48d9fb8dd834d1","sha1":"1de7f4c873b9c0e86a069ca7ad2958ee9516861e","sha256":"a38c78d6962c7bc34dfcc23498e8805f585a3640a2c42b727ff06b917448f9b5","sha512":"9299baff3b766f45608610e813f6dc6997de98a4d09b3ece64e12fd6b9de7b1d4b5959b86a84f9b339f77853eb384573f950846dc91461a2b75206d4b6db4f2b","ssdeep":"12288:7tGfe9jJDAFDsS4BFhFvb+j+Z+YP2f2rOlStul81EtlXbgHh:7+e9j/rOlSbEtlXbgHh","tlshash":"5da41b44fa80b17c8b9b51b5522b501af22f4855606c5cb4f2b5e9e02ff1a4ca17ebfc","first_seen":"2025-07-23T04:34:24.840084Z","last_seen":"2025-10-20T17:32:58.192977Z","times_seen":12,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":46,"dns":35,"connect":3,"send":0,"wait":11,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/42ee472eb72.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/42ee472eb72.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l1UAXL0YDcPFyJSMD7selH9Z13bBBZP94hhDVOKPrL5eihe1%2BaFiN0J7e8mDKegFRVZkuwf1V3Asbii%2FuUyXKMkMmgqZUJ8kw7cK65NlaHWD7SHAHuI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c88f9783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6804,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6804), with no line terminators","md5":"41b2b43348564a1b3918652ab30efcd1","sha1":"199e2dfb56375f761c19b02de2ddf146e080469b","sha256":"3bf3944ec1addfdbcd2495e2845e296800b9783e10678f43744d3039dee3cc9a","sha512":"e9f6cd64354f114ba6deeaf09528150550689f2ca364fa3cdfb72d2b9720f0ef83caabba99ebd6f6d44b3f3ed4aea16714700ffd58f4db3a4e75da351e9801d8","ssdeep":"96:WBBBGlSgsoBCFnQvpbBKwlRfeckUmjR1d4lL1Y4/MvpMBuNE5xqgKu:WBBBMSgsoBkcpbBKwlRTkUmoY9MBlt/","tlshash":"bae198682630e77d4bde29f7e93c50786da804dba58dc8b8e4a45d38b71de04c219c6e","first_seen":"2025-07-23T04:34:24.84291Z","last_seen":"2025-11-23T17:32:53.613756Z","times_seen":26,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":38,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis-data11.tcgfs39a2.xyz/api-cf/user/info","fqdn":"apis-data11.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apis-data11.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:42:11 GMT","end":"Sun, 28 Dec 2025 14:41:59 GMT"},"fingerprint":{"sha1":"4B:02:F1:58:67:AC:F8:72:FB:80:B1:A2:62:DB:3B:14:97:ED:2C:74","sha256":"4E:CB:B6:AD:15:2D:4D:6A:14:CB:76:ED:1E:70:44:63:F3:EE:07:F0:0D:85:D0:6C:7B:6E:61:99:F6:B3:4C:22"}}},"request":{"raw":"GET /api-cf/user/info HTTP/1.1\r\nHost: apis-data11.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.fctv33.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\nserver: cloudflare\r\naccess-control-allow-credentials: *\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\ncache-control: public, max-age=10\r\naccess-control-expose-headers: *,Content-Length,Content-Range,rtimestampunix,ruserinfo,rb-session,rb-ray\r\nrb-ray: kexodfaehKlM-0-HKG\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nruserinfo: EU|NO|82.148.169.64\r\nsa-age: 68\r\nsa-cache-status: HIT\r\nsa-host: apis-data11.tcgfs39a2.xyz\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fKuJJ%2BUDlW%2ByXj3GGD2LYG8CfLsf5z%2BkAnIE4yRRIL006AkQRO1Hcg4yEgNEXY7OiiQYAEv%2B00V3mc65ljPHbXODX2uLd%2FezVfx0WKoBw2hdQ%2F1kVXI%2B\"}]}\r\ncf-ray: 989db1afca13712b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"apis-data11.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis-data-defra11.tcgfs39a2.xyz/api/common/bs?code=100\u0026sportType=0\u0026stream=true","fqdn":"apis-data-defra11.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apis-data-defra11.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:41:28 GMT","end":"Sun, 28 Dec 2025 14:41:27 GMT"},"fingerprint":{"sha1":"D4:E0:E2:2A:77:82:32:8D:4E:16:CA:0A:19:A9:BD:5B:69:CD:5D:DF","sha256":"E0:BE:3D:ED:50:D3:A2:F2:0B:C8:9B:C4:55:79:D2:84:A0:28:DF:B8:4B:D1:DD:55:5F:E2:94:0C:F9:46:9C:F8"}}},"request":{"raw":"GET /api/common/bs?code=100\u0026sportType=0\u0026stream=true HTTP/1.1\r\nHost: apis-data-defra11.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.fctv33.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nsa-host: apis-data-defra11.tcgfs39a2.xyz\r\nx-request-id: 095162b11_2103af01a2d\r\nsa-cache-status: HIT\r\nrb-port-server: 0.619\r\naccess-control-allow-credentials: *\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: BYPASS0.621, HIT\r\nrb-ray: vaBzihdHklq-2-HKG, aCplghdDelS-2-FRA\r\ncache-control: public, max-age=4\r\naccess-control-expose-headers: *,Content-Length,Content-Range,rtimestampunix,ruserinfo,rb-session,rb-ray\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nvary: accept-encoding\r\nsa-age: 22\r\netag: W/\"086c7eea899da943a8e60822ba40097d9\"\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h4eNLeJTXPQyDsdT2Tj4Dtl4DrneDuEOVk%2FOgRRF9O5a5%2F89i%2BfxoYxw7TOFnG4P2DcXAf7KIzpP5RsOazNCeoqUH2MtVigrAQxU98OgRBtSLgWU%2BJhn7dMs1LA7I58%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1b059125a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49,"size_decoded":0,"mime_type":"application/json","magic":"data","md5":"86c7eea899da943a8e60822ba40097d9","sha1":"27e60613f4e3fe76035da2a60b58f2d08ceaf070","sha256":"d33d05066b9667b5663f45a825d7531617921064f2df40d2f6ff62bb2a0a5f7a","sha512":"e44157b3a6d9c7658fc4dde0722d2785718e2df1f1c85d48f3c6d0bc24b6ca42d5bb7ec277ccfee31298afedbb1e65c05b510e03079d6fc6ed5d064e8b335817","ssdeep":"","tlshash":"da90026689970b9506519116a2614495d66025a5aa2c19524585494143a121a619bb00","first_seen":"2025-10-05T14:44:22.574403Z","last_seen":"2025-10-05T14:44:22.574403Z","times_seen":1,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":16,"dns":5,"connect":1,"send":0,"wait":9,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"apis-data-defra11.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"logos2.tcgfs39a2.xyz/aelogo/country/eng.png","fqdn":"logos2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"logos2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:39:41 GMT","end":"Sun, 28 Dec 2025 14:39:25 GMT"},"fingerprint":{"sha1":"07:D1:03:98:07:0A:D4:71:95:DB:B4:08:6F:25:00:C4:D8:9C:EC:C3","sha256":"E7:3B:FD:EC:A8:B6:AC:97:6F:2D:2E:51:D1:B0:44:69:46:FA:D9:49:B2:07:9F:CD:93:B1:F6:69:23:A7:E4:D7"}}},"request":{"raw":"GET /aelogo/country/eng.png HTTP/1.1\r\nHost: logos2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 907\r\nserver: cloudflare\r\nsa-host: logos2.tcgfs39a2.xyz\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-oss-cdn-auth: success\r\netag: \"E046B4D086634F47222043A798267200\"\r\nlast-modified: Fri, 29 Oct 2021 07:33:42 GMT\r\ncontent-disposition: inline; filename=\"eng.png\"; filename*=utf-8''eng.png\r\ncontent-md5: 4Ea00IZjT0ciIEOnmCZyAA==\r\ncache-control: public, max-age=2592000\r\nali-swift-global-savetime: 1754312588\r\nx-swift-savetime: Mon, 22 Sep 2025 11:53:19 GMT\r\nx-swift-cachetime: 27306589\r\ntiming-allow-origin: *\r\neagleid: a3b54da017585419995907379e\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=03OA3Vnjf%2FzfDj4cP2raDjiFOmqga6X1m1KR%2B07OhWm690n5uhJD4sw%2BgEK8iqe2VgkuSH%2BUmCIFZj%2BazMLl%2FfMNrJtdguP6c3QzjPTT\"}]}\r\naccept-ranges: bytes\r\nrb-cache-status: HIT\r\nrb-ray: kexoleswlaed-30-SIN\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-cache-status: HIT\r\ncf-ray: 989db1b1f9360daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":907,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 333, 8-bit colormap, non-interlaced","md5":"e046b4d086634f47222043a798267200","sha1":"e7aef9bacd8844c2a384d0663d02fab107125a1f","sha256":"4ee1b23a919c714c35b00bc9ef55878508a206c7b2607bece400b028128f051d","sha512":"b5bed7228eddd11bcedc02b792adcf8e2abdb298a47d752c731203c450918a8f0feb32b527689571ab04c903449cfe2adcc2ccbf918b197013d3d1558b22c03a","ssdeep":"","tlshash":"e211d19e612d08e0d43a6b713d7795a04c35123d1256634fe40bfee7dd23b0d8c98661","first_seen":"2024-08-20T12:30:07.840509Z","last_seen":"2026-04-04T16:23:50.07588Z","times_seen":30,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":23,"dns":4,"connect":2,"send":0,"wait":216,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"logos2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/7f6bffe4f15.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/7f6bffe4f15.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8d7bNfFJQn6Ep2F3%2FhGf6ztym1O38HDnnqmCyuDbEFcfWpfUxy%2Fb6SDFaFdckA9sTIHAQDUltVB74AgyKLgpmhT%2F5pr9oZb3nOA9W4JuF3Z0zuxXcmw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c890f783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":307001,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"29b6dbc5472f334927b923d7df5fcb7a","sha1":"767b5ac66cfc19dfb515a1e14039ec18e55399bf","sha256":"4c49106f7f1d67d8719dd8503c44ac5f65c0ad50538b45144ed425202ff9923a","sha512":"0c79f96916e3cca268a6e91998e21612dff83781a1af7d69edd17c86a4ee098d982b8f4bbc12c4c1972f18982665225f10e737ee4e8abf4fceed121b14f12c8c","ssdeep":"3072:52gjIe1uXZNdDmNUKskm1B7NdK1pplk/W9Hwix8y15xpFtG:52de1MpDmNUK9mf7N4dlk+hwix8yPxpO","tlshash":"ee64e998f790b1b847a762b1923f102fb23f5855508c9ca4e266e5e03e7494cd53feac","first_seen":"2025-07-23T04:34:24.813719Z","last_seen":"2025-10-20T17:32:58.178712Z","times_seen":12,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":43,"dns":35,"connect":2,"send":0,"wait":16,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/12498c2c35.js","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/12498c2c35.js HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IkHdOGg225H%2Bq358%2B2Nd1oiAsSH0CuQry3eCTv3Fp%2F3C6RJvEkWGquvDTwmGGfSTxHkP5hS1psccwR1BZMoUJaGrCiisWBATVgIs%2FNinFAQ%2F5CNGoJc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c78ef783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8408,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (8408), with no line terminators","md5":"9265adc21a90c43d57de5c99f790ec27","sha1":"6f5fc9a58ad1e898df6d806052137e76ecd000e1","sha256":"7d2fcc870d207ff6a6dee8149d328b3515083c4ce423980664f448d0c132cfd6","sha512":"be68836c52470ec6e4f0fac0fe2915d9ba89c8f6e2737e37da743ea223093ee7d86a1eb340c8541a25130db369f779ab473303fc88e41cf7488f5f56f6a75b70","ssdeep":"192:kH/1nmtHNTPmdDsqasWVVT/aiYofxxwFe8HKod1bYRj9jq/Xp:kH/1nmADUsMtnYo98HKoHsROXp","tlshash":"0d02c84c7341b5b883da79b3963f618ef529649420a9f8b4d122d6e0af3130ce43bd6d","first_seen":"2025-07-23T04:34:24.807784Z","last_seen":"2025-10-20T17:32:58.151306Z","times_seen":12,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JH5Z1V4NG6\u0026cx=c\u0026gtm=4e5a11","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:50.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"GET /gtag/js?id=G-JH5Z1V4NG6\u0026cx=c\u0026gtm=4e5a11 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 05 Oct 2025 14:43:50 GMT\r\nexpires: Sun, 05 Oct 2025 14:43:50 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 140846\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":422821,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"3adf2db99b1497211571c2abff670c95","sha1":"fcd207386ab5ee05f4f94a5f596ceeccb6d952f4","sha256":"68bd60f9d1b1d33ff5791377f7579fa8b78d66c262a53ac3a76d8fac5f055d8b","sha512":"03bc88db27ab39e201e65bb33f14d4fa37be746bddf8b32975d2d0c5dac4c199a9e6330d6a7351e956c48f12df1e6f26584eed8d359f8878cf5a7b2d68a0d371","ssdeep":"6144:lBMZTP5DyYvRC1cZwtgk6dSLd6gZg1X+6RVE:bObdtvIcZwhGE","tlshash":"e4941ace73c674665396e478903f018ba5bb28a2f44cc899f189cce42d74a9a4177f7c","first_seen":"2025-10-05T14:44:22.579611Z","last_seen":"2025-10-05T14:44:22.579611Z","times_seen":1,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/webp/fc/icon_live_stream2_active.webp","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/webp/fc/icon_live_stream2_active.webp HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2310\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 27241\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vgdSW6c3xrZknDNrbfgKwNJn%2Bn87UfDuHcaVBVlwAm2C1Lgk6k%2FVm2u8vpmUHf9mLak2omD2PFwk6y3VwyENJFRa2F3lHq4CAnb7YTw4npVNq5SAVaA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1b13ba6783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2310,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"24177643a431b881e42372c55021a5ca","sha1":"c4a497adafa1b781cfe7b3b212283c916945899d","sha256":"94353c4d231eeb620e4fc510fd0dba10debda24699b6c3ba705041c5bd8a0b20","sha512":"4a29dbb70743f05bc94fa49d694ae49deaff61b34217d90496d6acc277441c332e942a3844db4b44140b4042b6383bf5e35cd40702f030c19c91792ce3d111db","ssdeep":"","tlshash":"f8410b73a3336329d3104df4a0b26f12a53da312e79de985d380c2300b54ac2393d287","first_seen":"2025-06-29T02:02:02.269042Z","last_seen":"2026-04-06T08:44:27.52179Z","times_seen":62,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"logos2.tcgfs39a2.xyz/aelogo/country/fra.png","fqdn":"logos2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"logos2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:39:41 GMT","end":"Sun, 28 Dec 2025 14:39:25 GMT"},"fingerprint":{"sha1":"07:D1:03:98:07:0A:D4:71:95:DB:B4:08:6F:25:00:C4:D8:9C:EC:C3","sha256":"E7:3B:FD:EC:A8:B6:AC:97:6F:2D:2E:51:D1:B0:44:69:46:FA:D9:49:B2:07:9F:CD:93:B1:F6:69:23:A7:E4:D7"}}},"request":{"raw":"GET /aelogo/country/fra.png HTTP/1.1\r\nHost: logos2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 906\r\nserver: cloudflare\r\nsa-host: logos2.tcgfs39a2.xyz\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 0\r\nx-oss-cdn-auth: success\r\netag: \"1EE85B7856462FD03AB92D4B003B9CB5\"\r\nlast-modified: Mon, 01 Nov 2021 02:10:06 GMT\r\ncontent-disposition: inline; filename=\"fra.png\"; filename*=utf-8''fra.png\r\ncontent-md5: HuhbeFZGL9A6uS1LADuctQ==\r\nali-swift-global-savetime: 1758570775\r\nx-swift-savetime: Mon, 22 Sep 2025 19:52:55 GMT\r\nx-swift-cachetime: 31536000\r\ntiming-allow-origin: *\r\neagleid: a3b54dad17585707753053100e\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Oqsez1Wsmdz0aYTALT56DH7DjgTnU8yVDtIoSrjTtI46TJkQPoQecv7kj1nGOIdOHBiWnEsDDjpi%2ByyZSsW6dxu%2Fp1gpWpnHOOBLPQH8\"}]}\r\naccept-ranges: bytes\r\nrb-cache-status: HIT\r\nrb-ray: kexoleswlaed-30-SIN\r\ncache-control: public, max-age=2592000\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-cache-status: HIT\r\ncf-ray: 989db1b1f90c0daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":906,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 333, 8-bit colormap, non-interlaced","md5":"1ee85b7856462fd03ab92d4b003b9cb5","sha1":"c5350dca88fc96cb752fb3e3b5ba0a58de1854a4","sha256":"686800db40f580c3ee3abf23cf6e4a2273fa9a84e00fc92d70541a7eeb0a5f07","sha512":"be02e22e37fc2e1e647a7451a4a595efedc13d89b31d4c5c26ca1f8e9f0bcd6754323b26c17432ccd03da081f79bd69b66b4446e9858c4712bcb67f4e79c8fdc","ssdeep":"","tlshash":"3c11469d021209d4e97867383c7b92846c78117de540130fa647eeefed2779e8dc8691","first_seen":"2024-08-20T12:30:07.838542Z","last_seen":"2026-04-04T16:23:50.118809Z","times_seen":24,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"logos2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.fctv33.buzz/","fqdn":"www.fctv33.buzz","domain":"fctv33.buzz","tld":"buzz"},"ip":{"addr":"172.67.143.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-05T14:43:49.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fctv33.buzz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 08:13:26 GMT","end":"Thu, 27 Nov 2025 09:11:09 GMT"},"fingerprint":{"sha1":"2D:92:E7:D0:6D:8F:73:5F:50:B4:98:5A:F9:43:56:CA:2C:72:6B:F7","sha256":"73:81:C5:89:7A:D9:BD:57:7A:36:4D:EB:84:2D:F2:8C:6E:DD:9C:69:3B:7C:50:D7:4D:2F:FB:66:9E:83:C1:A3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.fctv33.buzz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"10c72-HScgy0BpQqZ7GGp0Hr1fRCJQWbY\"\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: HIT\r\nrb-cache-key: www.fctv33.buzz/\r\nrb-ray: SxolN4wZLJs-300-SIN\r\ncache-control: public,max-age=30\r\nvary: accept-encoding\r\nage: 3325\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4m7j6V%2BnABkdzTHQkZecuC5hTpCiHSMLJsOKvPm%2FiyUgidaSl6dJHTPLzDQuLL7e5w%2F6tDnjAP%2F043ZWIVos17ctigdOy9nNH%2F4VvUA9lQ%3D%3D\"}]}\r\ncf-ray: 989db18bbfeda41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}],"data":{"size":68722,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (23283)","md5":"67d0a499586f99b57f48aea39596b462","sha1":"1d2720cb406942a67b186a741ebd5f44225059b6","sha256":"a8f45a28c50f2d19015888d07ff32586a8539948033b587c4004f4487c4c88ef","sha512":"0b6cb1ce911dc83b90cee56e39aa7be9059dc3e11f05be037b92ca2326164e8d44e4d9b86143bc42c852eb41f53bcde95ee4f312f4fb08a665a9dc0d801b974c","ssdeep":"1536:53eFBp/+rV/Rdye64mdl7P1ueHG7YzmjPMHp0mXeSKxZrW7+1q+6lm3azIsPfqK9:5yqKmHy","tlshash":"d4630b72e340a26d0153c7ddea357b2cb15b737fed92c95292ad4b580ae2ca4f90ec44","first_seen":"2025-10-05T14:44:22.583429Z","last_seen":"2025-10-05T14:44:22.583429Z","times_seen":1,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":170,"dns":14,"connect":2,"send":0,"wait":9,"receive":0,"ssl":153},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/statics/css/340596d47.css","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /statics/css/340596d47.css HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nsa-age: 28583\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wRM%2BbrTigdbnaXL2LR6jrTcSE%2BeHMWg1gJlSF4AtpgX5w%2BgdxPEJRSELMFJ46iTJb6GIfvTE7pUvLUQzqK5ogTsccorR%2F1B0zfgRwsOJjcyOYaPMWGQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c88fa783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31030,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (31026), with no line terminators","md5":"cec38ccc8d5a1fb0757bbfbb4ed765f2","sha1":"11e91a3b2ae5a2b9e87e773acc031ea06aa589cf","sha256":"1afefa706c87d2af106c750ac2c684c3a62f62e86fd18069e35d0e96bbe4281d","sha512":"cbdc4d24dc067b53caabab36a25927e8c0067adae37775508c7283a34f1f480ce4d172e23522bf91ef29150c5ad2a0f31a6dd996cebbad6b080803e0ecd12129","ssdeep":"192:CnzwKWWf8dmLa2Qg8dxjYh5ngVSzpIYh2ngou34Evrxl4wi0NDP:CnzwKWWfJvmYh0SyYh+EjLTZ","tlshash":"43d2d23f8195131c9217ac155f9c2611bfe6cc53e30293bde5a05b3a8b97f4a177290a","first_seen":"2025-10-05T14:44:22.586768Z","last_seen":"2026-01-11T18:57:02.015385Z","times_seen":34,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":38,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/contact/icon_email@2x.png","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/contact/icon_email@2x.png HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 913\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: HIT\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:19 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 27237\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tMBpL%2FRxFhWV4owPeANGCTUaOQdQI3RhNGhxVdjsgCSUZxndjTuR71ZdYAnQIKKzOGjCeN2zOQYj5QSM8pmv2pYgeCQSfUyjsKOXVBrCcBx7IWiMALg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c890d783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":913,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced","md5":"8865088214e917170c0b18392237fccd","sha1":"20f1ca5069ef3a70138e848e12073bc892658d3b","sha256":"bcc6103d7599b15debad85832520f04032d3a8e3173e7b3f03d9191e63ac7eaa","sha512":"a1c95e7608dd4c8f4d34d4074252b63873ef1a9f5b8ca6d5a84a007d9f7ee80dc7bce05eddfd5e8788a1570163022aec3c29460c87e3f1a8ae96c1bca0c4d7e5","ssdeep":"","tlshash":"66116792e9d62e18da414d713091bef0dadc30a131cf93790d5e6c3553a5a4f9cd43da","first_seen":"2023-07-26T05:15:25Z","last_seen":"2026-04-06T08:44:27.484515Z","times_seen":106,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":36,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/webp/fc/icon_favot2_inactive.webp","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/webp/fc/icon_favot2_inactive.webp HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2396\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 27241\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M7dLyIZ9tOC6n%2ByqR4Ha0P6udNN6NLAGDhGgOjNp64kGKMBJjllT5E3aDGyfPWIUnQxzUNXJ0xHs62H70WGgjtUN%2Bn5yi9S3bEsMZBhyrNfMElSnGWk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1b13bac783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2396,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"aeebd213c331043a469ed65cfbae936f","sha1":"7d7ffc5e44f5da62473f79141503e1cd9d805d64","sha256":"b4f6d6e3a0fa6ef6c3e2367892f7abdce6d9b592daf5ecd06ae409bb42cba650","sha512":"6e7a63a65e6d4a30e0bc6c7acfde925a10ea2606851037bba3184b84340cb8bc29217d87a7a3a504e51f189d01e9f85cc8d5805d946c4590f4697138be41a4e8","ssdeep":"","tlshash":"8a41f96163236b8cf81953b84b416f51d230bc175799533b8282096d9f3adad6cd434a","first_seen":"2025-06-29T02:02:02.29441Z","last_seen":"2026-04-06T08:44:27.538572Z","times_seen":64,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis-data-defra11.tcgfs39a2.xyz/sfverbb3711b9939f4fac19e591babeef066f90e9ec/api/match/live?sportType=0\u0026language=0\u0026stream=true","fqdn":"apis-data-defra11.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:44:02.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apis-data-defra11.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:41:28 GMT","end":"Sun, 28 Dec 2025 14:41:27 GMT"},"fingerprint":{"sha1":"D4:E0:E2:2A:77:82:32:8D:4E:16:CA:0A:19:A9:BD:5B:69:CD:5D:DF","sha256":"E0:BE:3D:ED:50:D3:A2:F2:0B:C8:9B:C4:55:79:D2:84:A0:28:DF:B8:4B:D1:DD:55:5F:E2:94:0C:F9:46:9C:F8"}}},"request":{"raw":"GET /sfverbb3711b9939f4fac19e591babeef066f90e9ec/api/match/live?sportType=0\u0026language=0\u0026stream=true HTTP/1.1\r\nHost: apis-data-defra11.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.fctv33.buzz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:44:02 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nsa-host: apis-data-defra11.tcgfs39a2.xyz\r\nx-request-id: 125162b27_19455cb1a2d\r\netag: W/\"0835c55ffc6b316a1224d8071d7f9fa07\"\r\nrb-port-server: 0.003\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: *\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: BYPASS0.009, HIT\r\nrb-ray: vaBzihdHklq-60-HKG, aCplghdDelS-60-FRA\r\ncache-control: public, max-age=60\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\naccess-control-expose-headers: *,Content-Length,Content-Range,rtimestampunix,ruserinfo,rb-session,rb-ray\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8Td7FhP4kVu0n%2F9mjlmItQZDdN%2FdRNwm3w3k2NDRNgVweo5cAPBnaQB0ABM7deJ67AgravOoV3PefiyathPSjd8eJ98iei6sJLNNrvj0HmhYY3NlY1N65lRtsU8EKjw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1ddbabe5a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44925,"size_decoded":0,"mime_type":"application/json","magic":"data","md5":"e75980a619aae02f34f5ebcb39add56e","sha1":"9ba62830a3c0283c03090e679912940f6bac60ae","sha256":"bec2717699e8b22284678384fd11d7c9ae9dce8129908402071daa31141c904d","sha512":"8b421f03865ab9dc17e1ff13e9999f29562dda5d71bc50624a3d00673687f69f112021865f79a4b72e77a6c3b4669060e81e0c9849fd089589a5562ce298a9f5","ssdeep":"768:PHJnuphvNxw2XwbXoC2puLlustZSSSSSTG:PpwVjw8iXoTpYvtZSSSSSTG","tlshash":"712366ff15ec1b712bef26ef43a3236e84a206c9a9e6703afc51510581bda74458fc64","first_seen":"2025-10-05T14:44:22.568401Z","last_seen":"2025-10-05T14:44:22.568401Z","times_seen":1,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"apis-data-defra11.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/com/icon_top@2x.png","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:55.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/com/icon_top@2x.png HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:55 GMT\r\ncontent-type: image/png\r\ncontent-length: 422\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: HIT\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:08 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 28342\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e%2B6%2F9GFeqe56quRq74wT3jVolAufwVK%2BLGQx3s1dxhwj3%2BQyZlnjDAZl%2BPiOqCreT3fXa7WTAFsvZReLkjApe0%2Fzwvifn8%2FLPZskkSRu5UAdXk21Et8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db1b03881783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":422,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced","md5":"fb5954b769c3c80b0b3890d84e5c9e82","sha1":"1ae9550e68df4495e22ed9a7255b8448cc4b1f0d","sha256":"8ca9ed7f371938e77d704df48da347a9722d1024aa1d7dc2f65122e2c1db8d99","sha512":"9678211b925e3dd60526b82ed4dc840945840042fd6a08484938c3e36679e0af6783d55ecfa345913d2998a050a06e5d434b0d0890ee50ba6aa8e52cbb24928e","ssdeep":"","tlshash":"b3e02bf3db9b3c69d40095b473ea0231c3b624b24141a89c98c3e1e88240b2a8a83284","first_seen":"2023-07-26T05:15:25Z","last_seen":"2026-04-06T08:44:27.46767Z","times_seen":159,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"statics2.tcgfs39a2.xyz/img/webp/icon_apk.webp","fqdn":"statics2.tcgfs39a2.xyz","domain":"tcgfs39a2.xyz","tld":"xyz"},"ip":{"addr":"172.67.176.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:49.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"statics2.tcgfs39a2.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 13:35:34 GMT","end":"Sun, 28 Dec 2025 14:35:23 GMT"},"fingerprint":{"sha1":"F3:BD:1D:13:97:36:10:F7:97:AD:47:4D:C4:FF:05:24:3E:14:98:9B","sha256":"E2:AD:EE:E9:C5:9D:E0:3B:8F:0C:3C:6B:D3:08:89:16:3C:0A:9B:BA:F7:25:78:D5:01:54:5B:47:2E:39:84:19"}}},"request":{"raw":"GET /img/webp/icon_apk.webp HTTP/1.1\r\nHost: statics2.tcgfs39a2.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Oct 2025 14:43:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2820\r\nserver: cloudflare\r\nsa-host: statics2.tcgfs39a2.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\nrb-cache-status: MISS\r\nrb-ray: kexolN4wZLed-30-SIN\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nlast-modified: Sun, 05 Oct 2025 06:37:06 GMT\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nsa-age: 28338\r\nsa-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5GpCKDdHj2pLPF57tdA26BSG2yB3geXS82NEPFbXpGxv2bEC11ytNz8wVRXovktiwdrFlr8eRjCdAIjJ4z79H8B0j%2BcoyHv27NteAej8NvQug5hbRSs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 989db18c8906783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2820,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5cde3652b67f0c439a963b00d486a712","sha1":"bf0da4e99be1cb817332094f6e86cc3e0fa5d1ea","sha256":"5e8a3e31da17b01e26a69c6042efbda4b0028315c0360ef002e1b889401e854d","sha512":"5a9f91328e89f84fc67f4f486cce2cffb8450cf4131b22efee9c755e0e6f23903f6d7e0cc53d7698a6b21230241ea8f398b8222021bdc7609d0336deaa4b1e63","ssdeep":"","tlshash":"40515b61116ce03006f6dd611152d7f83eef6fe8c70a5ac8e6c8a81ecab94c933b0d20","first_seen":"2024-06-29T17:47:25Z","last_seen":"2026-04-06T08:44:27.474387Z","times_seen":165,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":36,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-05","alert":"Sinkholed","trigger":"statics2.tcgfs39a2.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-0Y1BWVPR65\u0026cx=c\u0026gtm=4e5a11","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.fctv33.buzz/","date":"2025-10-05T14:43:50.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"GET /gtag/js?id=G-0Y1BWVPR65\u0026cx=c\u0026gtm=4e5a11 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.fctv33.buzz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 05 Oct 2025 14:43:50 GMT\r\nexpires: Sun, 05 Oct 2025 14:43:50 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135999\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":399929,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"5f809c74a15c3e80584dd2c4bd3e04bf","sha1":"ee5321b15acbbb924cfb4d01032c2ac4838a4b5e","sha256":"0602e70d82078725824916d5724afaa38e13369aeb889b3258d5d7390221b9a6","sha512":"cdf58c9a70b08c34c6fe56d3f9a864e9d5a80243d39660030595373353f6d8b83af126a312b7ae76b28ab573c236f82f2f7cd90d0a39425884b1651a67afd5fd","ssdeep":"6144:86ZTP6DyYvRC1cZwtgk6dSLd6gyP1X+6Kcd:8Ub+tvIcZwhGd","tlshash":"c5840acd73c674665396b478903f018ba5bb28a2f44cc899f189dce42d74a9a4237f7c","first_seen":"2025-10-05T14:44:22.593899Z","last_seen":"2025-10-05T14:44:22.593899Z","times_seen":1,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}