{"report_id":"c705e898-6f26-4a9d-9ccb-e673cdb3d692","version":6,"status":"done","tags":[],"date":"2025-12-07T18:23:00Z","url":{"schema":"http","addr":"www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"title":"현재는 다 이루어질지니 재생중...","dom":{"size":38652,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (21686)","md5":"68670f343eb3e918a98255f449f3fdbf","sha1":"97c301dcd2c490de3b533898e9e60182a22f4b8c","sha256":"ddcd47254efeb32786ceab4c358e8a0b2a976f2872ace7b011bf90c0564cedac","sha512":"a291f7c977479a8bc78a8b62001eaaf1ff3ffcb96fb897399c82871395cdad3fd48429c9effa1f8ea5e94ddceb6b4213c3825fb083f2c70d7c5fb27023bb68b8","ssdeep":"768:hYzitaXGUQWNRdENbiiXoG6LZLetowp7EMdHlMApb6gJGpdOi5Vb:amtaXGUtNRdENFsLZLeFQ22","tlshash":"a4032f0065bd033590bb515c7af9e654212af993d1224adebe9d3f388fe9ac63413f48","dom_hash":"domhash4cea6de41ed6cc0c07df58156b63de2f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-11T18:23:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"sj.xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-11-30T22:21:59.282818Z","alert_count":0,"request_count":2,"received_data":177587,"sent_data":841,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sj.xiaoca.top","ip":{"addr":"172.67.199.28","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-03","domain_rank":0,"first_seen":"2025-11-20T16:32:52.418824Z","last_seen":"2025-12-06T17:39:39.872782Z","alert_count":1,"request_count":1,"received_data":34929,"sent_data":459,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"images2.imgbox.com","ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"domain_registered":"2009-02-09","domain_rank":384284,"first_seen":"2017-10-24T18:55:51Z","last_seen":"2025-11-26T11:23:17.205936Z","alert_count":0,"request_count":20,"received_data":8153850,"sent_data":8960,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-11-30T22:25:26.998026Z","alert_count":0,"request_count":3,"received_data":235857,"sent_data":1334,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.cytv143.com","ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-27","domain_rank":0,"first_seen":"2025-11-10T12:17:06.924291Z","last_seen":"2025-11-25T14:46:04.964669Z","alert_count":24,"request_count":24,"received_data":1036660,"sent_data":13656,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"xiaoca.top","ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"domain_registered":"2025-04-03","domain_rank":0,"first_seen":"2025-11-08T21:04:46.225015Z","last_seen":"2025-11-20T09:40:16.516722Z","alert_count":10,"request_count":10,"received_data":636760,"sent_data":5216,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.cytv143.com/static/js2/history.js?v=2","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"aa7f740c32e902b0b0de0f08f44da207","sha1":"f6eb044a0bce9872c4533c437c57c4f247f0e33e","sha256":"5d30530788ea4837778a89f02df2dd24e11145ec1a370ca05cc75bc159c799e7","sha512":"3904ddd5af18b05428e997cd5edcdf77eec9355d9677f2c30221a6663e72bd891291bf8b397f1901a3d587470c96d5008079170d94f3daee8331ece385a43322","ssdeep":"","tlshash":"d341684940b79992b45fd1f94ff73f80a8a0a853289cc9803e8db7105f99336b6f52e5","size":2101,"data":"","first_seen":"2025-11-10T12:17:23.613427Z","last_seen":"2025-12-07T18:23:09.280989Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/disable-devtool@latest","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7fa174926682313cc5a067077b0bb22d","sha1":"609109d82deb0c7dd3d9d212808dcba0548ce3d1","sha256":"5a7b9b2c807f85575c9ebc1f508e849b53430870b2d0fb6c02b2de3df661cb63","sha512":"83a593d4b8648b78031259becd96b4c33226e9462c2e26013ee0746ff58a7b710159d0d380d001d7740e9485ee346491c16e3fdb0d334f5b6cfabe6f90cda9b6","ssdeep":"192:m+5ekRvDLCpBK+BpP78nPk6O9ShgzsqcSYV0GtI+uwicvsbIUiJE2KmnyKU:mLiPCvRvT8nPk6cSCzsqGVJeZcsb8S9","tlshash":"0582c4ccb48270715b77a9e9507f454ab23aae96888c8040f13ed8e42c7c56ec267f7d","size":17684,"data":"","first_seen":"2025-08-02T03:49:54.562881Z","last_seen":"2026-04-06T05:03:16.321057Z","times_seen":3610,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/ad/js/react.min.js","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe3e04b0a969e3722ae34c9a06ef8f32","sha1":"b71145e063c22556d375e065e02ea2ac66fd606a","sha256":"46d9df8b53156408f7bfe7837858e1fe2017a3cfff0f4cd52aa97c7e354b0a23","sha512":"503c68a77f430a70fe529f024345d3089a40783cc7176ed2ddbd46edb91382a2f54adf3bc334feaa9580215b70851910f0cd3d76ad0da2642e6d5bdd2d6adeb9","ssdeep":"384:7Bsb5gIzypiHiVPe2YoOoasCHCjY6eZO7G5M/94VCJD+bvNGHBFm:7Q59zI02siBeZEaiamD4Ao","tlshash":"9f92b6a871b1b0a617e320f4813f850be279675d701dd4a4f6a1e5e079b88ee8133f78","size":21203,"data":"","first_seen":"2023-07-24T08:24:49Z","last_seen":"2026-03-26T02:29:51.419549Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/clappr-pip.min.js?v=10","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d3370a6201cc4384aed4eb64e05da3fe","sha1":"44aa3a3480bfe052adfd8b8001106f8c1525a57d","sha256":"435e0757ae8e8e029e968f781a05e89471f0ceccf265f8a17d49941c03750d83","sha512":"c477b209615cd06dedec3a9c93e7d7b2e58cf11fc4bb5e1390274c373681a60ace566fa24da362155bc1ccd3fca664a85b590809005e8ac346de14c95b5c742a","ssdeep":"192:3/6h5JVDsLYYm+26s5DURNMtu+QshN/AudDSNL4NkEBMLSXQvVKPohiMzjQQqy4p:3/6HDUBSBkuE+Q6RTd1q6ohio4X5","tlshash":"c172749c76b1f0a693a3f2b8403f300ff27659b9149990a4b735d8e0aeb454c9127f6d","size":17345,"data":"","first_seen":"2023-03-07T12:38:40Z","last_seen":"2026-04-03T19:26:51.359197Z","times_seen":108,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/disable-dev.min.js","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2b3df197569c6dcbd45dd8b094e175fd","sha1":"84e3af28f6efcd226e2f41375bd1b1ef6bd712f8","sha256":"e25abb8fd9fa2f59667d715bdc4869ff515de12f67b9284b8421f1072c0014f8","sha512":"21dd978fbe07827e5acf61c8c5f7d3b3aa632fac29fbfdf89864bb4c18093c834bbc01274338fd8ed517b72c44417ef72c8c4858c35a2040e8d3bb393874547e","ssdeep":"192:m65oNMzPEGh0XLRbLBGY4G93p5D7GyaVXKAma9g2KFjPyTI:mJUPE7XLRbMq9Zo5gVa3U","tlshash":"7352938cb992746017b7a6b9543f190ab2397957448c8060b33e87f82d78d6ec267f3d","size":14173,"data":"","first_seen":"2025-04-03T19:40:45.24598Z","last_seen":"2026-03-26T02:29:51.448567Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js2/stui_block.js?v=4","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"46c7a45b15971492cc200525d1b60a56","sha1":"7e9e43e2a2104d07baae9fe45bfba5928d86c27b","sha256":"c14fade8aa183f146adbc0fe08457057cacb61dc62a7f56e3af1bc3120c2dde7","sha512":"9d91a755d7cf36a2fbc6a4ff9f777bdf01c6245fa6be3a11168db0c1b28eccca30c8ec28d589dbe3ffc2cfb832b38c832eb8c881a409730b5f34632716f05c06","ssdeep":"192:xk0hbH8Hkay1Y/nCtwl7ACa8sk5uQTsImrMMuKW8:xk0hbH8Hka5/nCtM7ACJskZvqW8","tlshash":"77229384fb9c6537807734ad942e11c4e46dac32bc404ca7fd6ca5642bd0e2a619ec34","size":10111,"data":"","first_seen":"2025-11-10T12:17:23.655233Z","last_seen":"2025-12-07T18:23:09.299589Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"66e1b1f9d5610708560ea0f2a8c58103","sha1":"7dffe389f71cb7a21c683837d061348fe26591e1","sha256":"1b509aa89caac37fd82a2399ef427553516449428826b641a1eb734826fe051c","sha512":"07048084b890ff2ba5777d877f4b43db6a1a2e042b8149ff1b10c19ce1c9d9a2cf584e14cd29447bc67cb57624334e81be7c0e72f62015ab60680c1eefc8d786","ssdeep":"","tlshash":"f9b01210051f23024c5335c086096a400afda151037f56902184d6ccc14b18403080c7","size":93,"data":"","first_seen":"2025-11-10T12:17:23.688491Z","last_seen":"2025-12-07T18:23:09.312618Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/microtemplates/source[6]","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b63c45532b29dca149e58059c4dda9d0","sha1":"7c69772c55d148df85b03490653828e77f093d81","sha256":"831e3aa44d50fb5073e06ce9c960e5d6dad6753c3201e5ba1f41671f3fc3f082","sha512":"cd4c17cc95cee1161e4616aa333a0d1cd858335f8e6ffcb38c84c3f6ba2f404f0a013bd5d5c5c6aefe7f2d96e3eb20aadb0689f9d3a59877526ff67e7d5ff783","ssdeep":"","tlshash":"b301cef400ec12fea35a03a8290ee11f654dd056d1d8294ef5788a7086bc3b94c1863f","size":790,"data":"","first_seen":"2023-04-18T02:32:56Z","last_seen":"2026-04-04T11:42:40.896734Z","times_seen":696,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/microtemplates/source[8]","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"df70da01fbf3c7a5c649d805e829ae42","sha1":"39c598cb80bc3ab4c3d1dad1582afb33b7e5d756","sha256":"e09e724de6a90c185f75288d3ed3cc6ef3ba903595dfc8ccf9406a286f3b6741","sha512":"0506e9d43e9eb11ab13a5f7f9c6ef640b35a0130e6873977670da5a91fc8211d051bceb87edc0b671e4aff264d78f5af6d02e553e299d702b0e0dbdc7371cbd6","ssdeep":"","tlshash":"06f002e804f812fc63bad11c8309c22b212dd145c1e4398ef47c99718476b634d4d03f","size":601,"data":"","first_seen":"2025-11-08T21:05:04.50264Z","last_seen":"2026-01-03T19:57:31.74929Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/player/parse.js","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e8babcc8677866285da26bddf14e9bb","sha1":"215e33e5e51e3040a906207b8519fda06333dd67","sha256":"25b03f2512a489776373c43684e0f4a75215481d2751fd8a59776911110f5325","sha512":"91d6c811c85dff88f682ff3586a855d8f4a9567ab3fdfd7b8b535a02359fd2462af6527614bcae09bf7389979d1356c0ffb6ee31b4f0b72173cd1687fab3b9ff","ssdeep":"","tlshash":"63f0a7f5da6a42cc44832b1f73a248d72123d721fa76b313f857397050457651d611bd","size":473,"data":"","first_seen":"2023-03-10T10:15:04Z","last_seen":"2026-04-04T04:36:49.878951Z","times_seen":317,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9acfffb9ca4835e965ec668f00b0096","sha1":"b2b60ebaf93b2a37a9a81e0bfc9466ac7ce73c4a","sha256":"60d7095c2958ace3a1d1038e94616f856feb0d7906c42a6e8e33941481cd6ddd","sha512":"9abeb7320521a93beb16145d15824b6e662e94cb4713d70728f409b026cb041d843452a3a15d495f4efea8e89b43558460eacffa82fa114e84e0a68e87adaec1","ssdeep":"","tlshash":"1d6162897da0b4b253e3a694c13f010af33d857a8198c140a2a9e9f4acf505f96a7f1c","size":3260,"data":"","first_seen":"2024-09-14T18:55:50Z","last_seen":"2026-04-05T19:10:38.272096Z","times_seen":179,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/clappr-playback-rate-plugin.min.js?v=10","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"27959406831d205f40f0df5c21ed3c26","sha1":"e0715b0ef435df94dbfa83ca2ff5678a59d47f2f","sha256":"67f6db15eb6390018aafad1a0487c20c3f1dd42830c146ec4a0d787bd8d33041","sha512":"c97c9d658e23382803d5e59ead9cb79091a9adee5af2f8d64b192f246bfdc366aecbf1cc01902bd3b6f8fb9ef667d139a60521408d29bcd920c6e57f7df9ef6b","ssdeep":"384:/wJ+vdyxIKCsmwOFPzq2HZqohdWbzgrjz89TouoPVi3fBPTX:otX4Z1Wb6P8OSX","tlshash":"d2e27389b5d1b0f013f7b0b4412f820eb17ae994b09a96c5e665e5e0acb944f503bf3d","size":32105,"data":"","first_seen":"2024-08-19T22:32:33.826894Z","last_seen":"2026-01-03T19:57:31.695881Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/clappr-chromecast-plugin.min.js?v=10","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"01601edb007eef5ba4b1386675c39eb2","sha1":"bb7706b676af6837b4fe6c702e538ad1ed700945","sha256":"66c50380ea255c087cbbb78351e5580f3252655314e10487e9e175e08a0cb748","sha512":"7cb2f01347a1fc8e3cc8687fc926566acc60908ac36dbafb905b85608653096ddc0d5b4540d43f8b4af6978903a8a7a61e9cf632c240a0294da580b3416a7d6e","ssdeep":"384:/E2XN8iOGY9mVm4Vg5gUxvRHxwjY0OaSJM2o1AUmgaVlSEiuOV16U9kgLxL:BVVmAe5xvRRUY0Oaci1xmzVlSMs9kgtL","tlshash":"5cb2979cb1d1b135969390b8543f110ab23a75aa3089c1dcf73dd8e1aeb061d647bfb8","size":25494,"data":"","first_seen":"2024-08-19T22:32:33.812387Z","last_seen":"2026-01-03T19:57:31.731645Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1c53cbac722d243475264f2e31d42b88","sha1":"789e8d73f16d5fe64a0aa664a1cd53db41b4db64","sha256":"4edf6b7a6a003ae8dee81ca17c9c48b768938cad428865aaa51f8c9a1caf2843","sha512":"faf54aa297e2905ab35eb7d7acf82d59a8f96e4b2b067a2e5ac77517fd3e75820c9132c8fea4fb7766b4ebaeda800d7160473019563fbeb806ba819ce49da8f0","ssdeep":"","tlshash":"4db01247524217022374eac00e46374194d200e67791d470051050600cd4bab930956b","size":99,"data":"","first_seen":"2025-12-07T18:23:09.316195Z","last_seen":"2025-12-07T18:23:09.316195Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"532c4fc18dea11bffdf1b9d324b472a1","sha1":"96ff38eea8dda01ddabaee57d710771438c48a78","sha256":"7b43b45877f5435e93e16fd609435b351613abb72c9e167157bd65cd9640cc12","sha512":"a4e923593e2fe491a4b9ac04cd1d3cd4d9fba03fb9dff242a09a808dc3da0724e77d628c39acac56316d43675b39850bb69d2d0dd7e9e753f2e74bef82b5170d","ssdeep":"","tlshash":"f3f09024cb98403581bb47f398a501c7b06c81beed40448fb84658ae689c892369dc75","size":544,"data":"","first_seen":"2024-12-26T20:00:54.057084Z","last_seen":"2025-12-07T18:23:09.317241Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/ad/js/react-dom.min.js","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9265a487ab6e128d66c4e01a4b530d3","sha1":"13e6999c59dcf556863d7b8eecde0a41b22eb7e1","sha256":"bb32b062e1f9d031f30d8af787f067a6fec2e5024d5231c4a55993dd7baadf0c","sha512":"ba18f80919362ef5e84690334e490430e28fd1c4c094c64546841dd4274d9dbca89a0bac697d80673904add7142afe286b47dae7985599587a20b3f5e8b4529a","ssdeep":"1536:RO7VCzMS1WaSGtwtZ/YH6NbKp6dK6R7N4ina:ROgzNr18oqbK0BNC","tlshash":"b5c319983280b46717eb927c527f2807b2bb11195c0dc824ba65d8d8bbbd95d133bf6c","size":123889,"data":"","first_seen":"2023-05-10T19:16:03Z","last_seen":"2026-03-26T02:29:51.4341Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/clappr.min2.js?v=10","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4cf6dd122978a6f622faa9a6fd830a04","sha1":"3b8be187c208308a0b3575695a40e7fdb0ddea6c","sha256":"d9c533f886996d48515a61d197c35cfb6cf2217b1c6ccf652c9629bc9ca567c4","sha512":"ca5a6f46054ef3227117cb3b9ead81422d39bfcdcb6bf2d56d63b3368036b53a2f1c361426a746fc8a01a03fac84ae5c3aed03893ee5104eb6b9e52496316cca","ssdeep":"6144:Z21fwZI3wKqMSxeUKn5+q4jc7vije4RDFv7VTG:ZUoKqM9Upyz6S","tlshash":"96b41b9876d5b0654393a0b8503f020b723bad6e7009a1ecf76de9e95db884d6037f78","size":526057,"data":"","first_seen":"2025-11-08T21:05:04.49369Z","last_seen":"2026-01-03T19:57:31.741427Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.3.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-06T04:55:56.993392Z","times_seen":118547,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js2/stui_default.js?v=3","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ecd42702560a7e6f3a211605ad4a59d","sha1":"a923c8e0a456fb982ce0049d8e3b09044db9cf96","sha256":"ae5a58d1e58f8f51c583651fc03a4e7a264f966cbaa297a6089a0f03bfdb3475","sha512":"2620777ceb73bf2ae8cfc97e78260180d2c1daf9ef45f47627c4e9e0d6091e71c5512a6b70898c4cda2f82d4ccece2b56cfe3262a2902268524f1396c4a40f7c","ssdeep":"3072:9zOgt027SoFThP2V/93IYbYIVKZTegpRE3YKd:BhtRS52IVATegpRE3t","tlshash":"42c3e949b3513532429fb1e6512f420fb276646e680580bcb9b8dce66dbcc89707bf78","size":129984,"data":"","first_seen":"2023-05-07T20:04:47Z","last_seen":"2026-04-06T00:05:11.794678Z","times_seen":827,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js2/home.js?v=3","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"51006901f23a77e1aca44f74d4b53061","sha1":"8ce22b4476e8951c667eb575c7c104a4a80f3d3f","sha256":"167f17a43a0264e44dbfc9f0e0db11d73f18e44f277a208e2c3dba998a2bbe9e","sha512":"633023117bb6b427c3ba9261a1cc5c954f41ab2464e7888091a57497ed7edd7eeb50062899744abff40b0711b1686bfb6b8e78df9c25a574ce317acffdcca3d0","ssdeep":"768:hRdXc5Tu8ebBwbhd3DPb7z9CTbhJrLr9BPTTNzE:hR+tdrsE","tlshash":"48e2615a36f7182450b3357a4e7f65093677825f1908dd88be2d01a48fc8a5cb9b2bec","size":31386,"data":"","first_seen":"2023-03-10T02:34:16Z","last_seen":"2026-04-04T06:30:10.747252Z","times_seen":166,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2752d9025163e7040350dddc3508ca54","sha1":"56ce0f6c28c76cfb7910027f890c7e1bda0f3aa8","sha256":"be2c5daee42f8a5e695ff5b5745c5f676a06ffe295d1e38d6d74ce8071e000d6","sha512":"07f32d24d578295d9591068f6b4d9cb0b36e3b45ddb21fb52360769da506c34a3344a538ea9acea5fdb0abf65af08727baf17d28ecf43a6d3ebe5c91f497db99","ssdeep":"","tlshash":"f5e02b5eea4cb95b72f91f6e617b28413104943557c04414f03500bc8df471451b9bac","size":390,"data":"","first_seen":"2024-12-26T20:00:54.070352Z","last_seen":"2025-12-07T18:23:09.318749Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.5.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-04-06T05:08:49.180808Z","times_seen":218305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/microtemplates/source[1]","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"e22017c2e9c001bce109bfe2fe68c380","sha1":"e5a75a55df382896aa8aff43bc37e72566edf401","sha256":"0852bba61d02a2d08e06f623e1934f3c17d6d1e84b53d9ffcdc4524402733a54","sha512":"780a63ffb9744024762fe253c98a995020e6623c993dee13e93c8a27e1dcd58942402e18bc9fdbe5e3e2b33ea8c7705c5d0129c4626e6b6b6abb918b41f50145","ssdeep":"","tlshash":"8c01cef400ec12fea35a03a8290ee11f554dd056d1d8294ef5788a7086bc3b94c1863f","size":790,"data":"","first_seen":"2023-04-13T17:29:45Z","last_seen":"2026-04-05T22:59:08.896663Z","times_seen":2094,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/microtemplates/source[2]","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d0be615cc98992c1be964cba7259830c","sha1":"c36a0d0080b96b43402f1004e112c6837e79d002","sha256":"8a5de118b8985eaa80e287cffd27683a2817c2e09cf527d4166bded9ca58bb13","sha512":"8f8f20de29c4d98eee59f9290ae790eae6c9b6fa9bb08f6d88b0f9a4323bbff4277b7eae3c1889afceb635ec2fb139f3b150725e37383e9745b79186e182a45b","ssdeep":"","tlshash":"8bd02b86b47222d8527317e8022645771168e52dd0506948ca4dd630947fb276e0d53d","size":264,"data":"","first_seen":"2023-04-18T02:32:56Z","last_seen":"2026-04-04T11:42:40.892542Z","times_seen":722,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/microtemplates/source[5]","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b6669abaec2c9816a30d51ba97928d1f","sha1":"b5fcc05b4a39f1e7629415f02c437353c99c3bca","sha256":"d9694562bb2b5918188cfaabeb9f5407029bf9f6efcc4b64e8ad20eb0efb16c3","sha512":"55c3c0185d166ae054646688f98f22cf5b84db0fe5b5d4cfb6fdafa638b6aa33f6c3aa8f509a8be096d0a663b67dd557633f592bed5946e9bd2f68e158a7f26e","ssdeep":"","tlshash":"6b71bf7010e910bba34f11f4496eba1b5b42d001c699d54e757e1ba08bfefa6c81e2e6","size":3545,"data":"","first_seen":"2023-04-18T02:32:56Z","last_seen":"2026-04-04T11:42:40.891967Z","times_seen":641,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"93a0556e2f18cb309b4e07b051cb43e6","sha1":"ee77667881297e20ec27a7b5c5543f6af3568e37","sha256":"c903887c4c5332aebe296254cbf614583cd4520ae49729e95eed6be0e10a8699","sha512":"830626599859dfa34a0f1204cd090b4102371b038e340352a1864702a99891c87877cbf4fe8c6a05230dc17785adc8d8808bd386ad52bdfb9f3aa3a37e0f5f17","ssdeep":"","tlshash":"e40144bd129f1a42440084c3c88f5f89fb9e03d124e85a26d2ba9201e75d7a4c31bc3e","size":724,"data":"","first_seen":"2025-12-07T18:23:09.322241Z","last_seen":"2025-12-07T18:23:09.322241Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js/playerconfig.js?t=3202512081765131756","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5df13a70a084a89b3b745b1803f6c45d","sha1":"a125d81bf7627ade5a53bd47e54893369927ef19","sha256":"613e79a29cfb54d2f6db87ce723738462cfceb0867271d3d811ea91cba4d50ea","sha512":"71b54284b727e68cf30eca8e245de8802a4bd5a9e0b33be2f4941f0b8defb7ebfa96515a821969b7de881843c0f6925d480ca98151eddf9d0297e6d7d27d6fcd","ssdeep":"","tlshash":"5b211407074e0933c3f7d0b58ed427198cdf9fb591a4ebd959786c7937ad079a505001","size":1438,"data":"","first_seen":"2025-11-10T12:17:23.687403Z","last_seen":"2025-12-07T18:23:09.289968Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-06T05:11:58.528442Z","times_seen":599158,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"937e16428250179a5b63163bb2e473ff","sha1":"7672a2a93dd9674e80fb12940d9a44b18084561b","sha256":"8fece9536b368ef890f0b24561158b121d2129dcabd3fbaf2fd63966905b96c5","sha512":"436f2c1ae5d1f7fd33e1f03d211dfce931a2ace7ddea337ebfb38a709789ec3db21c3d20acee857b307bf48ee7e1e473d940f4d62843572abf8e32c61afc9704","ssdeep":"","tlshash":"c9c08cb50b463488873aba870a2e398014041026e616eaeaa8d7522004f596eb9ee16c","size":163,"data":"","first_seen":"2025-12-07T18:23:09.324076Z","last_seen":"2025-12-07T18:23:09.324076Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/microtemplates/source[4]","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"486158165321d921fb388101d2bf4483","sha1":"ba156a31e28d86c1c0ef9b1f008ba80af1452eda","sha256":"ea765f553d9d9b3240448ba6c80400cb77eb5b84c79561b25fdc9220b019d9d1","sha512":"16c00f994c42ff1dd14fa7a6b40392ae1f2234438494a2f1fec1c914486c709de5c93507ed186bac6361b43ca1731897aede8f15c4d5b0d70429821af9a79a72","ssdeep":"","tlshash":"a5d02b86f4b132e80553267c02264657216dc71c55512d89c68cd5605677e518e09479","size":251,"data":"","first_seen":"2023-04-18T02:32:56Z","last_seen":"2026-04-04T11:42:40.891035Z","times_seen":621,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/microtemplates/source[10]","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7fc0269dc024c5f39f0acb6f430df867","sha1":"fb0da5eec4812714ac2eb3ac19acdea81b328cd0","sha256":"9c3a43f77ecfa0847ffc313713fcd586a434e9ad0355ceef6a509f2e235ebd02","sha512":"ba69a544788238ac7e790b694dfe9425ae4cba0f6f36ec07c10aa7c905e3f5137579b230b05b896d3755534c263eb0f7d20b83c7bf0ceed7f0b1ca134536b63f","ssdeep":"","tlshash":"5de0a34594f961dc26a5171c10076627691c4b0d54649405c47d9d74c9b7a6f0605b79","size":412,"data":"","first_seen":"2025-11-08T21:05:04.513538Z","last_seen":"2026-01-03T19:57:31.750752Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"641339e991d69afbb3e5f0b4254b32cf","sha1":"d51ca43fd0cf580bbf73f166ea132e8ad24475eb","sha256":"63abea5e0c51fcb71825ad142f95e5fe1a7ae4f4fa26239108b49b806c1170aa","sha512":"80c7a20801ec2e86f8f5074b585231caeaa1fe1088afd21ad47a61e84e1a97a4980595372d8c5bbcdfc61dfb9505af152d71f58256ac2e1db24228690379c4fc","ssdeep":"96:ISA6kIvvGwaZwHuVyjwr0JdlwwXbeU2Lc6VoF8e:I5IvvGrWuVyjwQLawXbeU2Lc6VNe","tlshash":"4d917411644a2867c1a9b4b2e1694e2c6139c1049650873cf93dbcded4ec4be0f1ebfd","size":4419,"data":"","first_seen":"2025-03-20T07:16:11.125038Z","last_seen":"2026-04-05T19:59:04.420435Z","times_seen":631,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"8a82a25e7fa187e4145867f87068c6d0","sha1":"7a63c4633ad5cb58865f859aecf5914db86665dd","sha256":"f55790d06e0c6c9bc38b8e62e531edbd47ed23ac8e2bc82bf6ce8983468b3921","sha512":"1ce9b5e8a2e23f95ef9931f6776a85c1dc5c1cbdbdbb61eba3485fc9d45786079aa20f328bc53e1c418aa1112079deaef093ac696a0c02509118850027260ece","ssdeep":"","tlshash":"0a60000c3c00000c3c0fcc000c0c0f0000303c000c03c0000030000033c0c3030c033c","size":16,"data":"","first_seen":"2023-03-09T16:51:20Z","last_seen":"2026-04-05T07:10:35.541649Z","times_seen":668,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/clappr-forward.js?v=10","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"129b2627fe56f8135416e451489210ff","sha1":"909602fe24fb95bbb4be7c849699ef7ece261a45","sha256":"2f5e918fcca2a4d1b3c2f6d2d936bf74c9745554da248e6db12a5ce0cd24d3f4","sha512":"0c518f0eb4abc43a8bbc0dee2c2eb7d70d8945a25ffd8d93be443c491bf16ca06d0e73a9e4d86c74bfb1781b3f1ea99318129dd3ca94d8ed6d94515f5b507342","ssdeep":"","tlshash":"c58184683bfe0129eb8f812c1e197d063162989b640eca3d7d3d16d49f5003625f9ef0","size":3915,"data":"","first_seen":"2024-08-19T22:32:33.823919Z","last_seen":"2026-01-03T19:57:31.728466Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/disabledev2.js","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"caf784218e09b7323f3f8291b385d46d","sha1":"8038bad69b8e5240865da70d936b085a02f7e097","sha256":"fc0befbed8d54fb7b56171e378bf6d0e6a4b846295de6ef05c2c03e8fe9b2763","sha512":"921d5aeb61d8278e98fe5a807f693f0c0941fbcb90929823b4ff8b528c411e87565993390b648f9434bd279bd22828940a70515b2bcdeff5eac569fb783ee71f","ssdeep":"","tlshash":"36514349a591209067ed6bbb733720d1e467ebed088f840eb806f8d0795361bd4d3e70","size":2723,"data":"","first_seen":"2024-08-19T22:32:33.829093Z","last_seen":"2026-03-26T02:29:51.43123Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0bf2dc91f6afaebdc7da1d3dbf0a3b90","sha1":"d5473d39ab43f2f876d48528286321eca3dd4294","sha256":"757cecebb09e0a051443191ee13b270da6f608bb7951d1eceb52fd2f38b35075","sha512":"32f924fa80050bec22f35c94a4e0c89d441087ebf2f129a9a3056ff31188506a6ca0fea2a0052ea5559d52ed1d1982a6fe7a72ef05176f3d2668df63bbed14bd","ssdeep":"3072:8+NjQ3d0jtR/Q7NG5TxqVUz9yah/qrpH2k31q99NEIi2Q:JjByKESwS/aHv31q98Ii2Q","tlshash":"08242bd6739a902383d599e694740303a335694e3808c06cb67cbddfad2ee89b176f74","size":211547,"data":"","first_seen":"2025-12-03T19:10:09.240792Z","last_seen":"2025-12-17T11:14:47.363098Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7c9e4e4c5ea5561b5295809a86a7a10b","sha1":"232dd35b75bc96a33e32c0f200e2cdc24b6e7feb","sha256":"f708d7635a84ed01bdea34fc07e72bfac2c458cb45928e331346d8820163792e","sha512":"fb567e971776453b6d113b46f85189b259153e89a8c486b8df30abfddb9955956fa94b944b7e2b512feb823e57a41a37d8f41ea589c623b5493e005f2956ec0b","ssdeep":"","tlshash":"c8511ea5dabc901b551260b980ad5ac5227f0677dc2c58f6f83caa943fcd12d01fbe98","size":3005,"data":"","first_seen":"2025-11-08T21:05:04.516567Z","last_seen":"2026-01-03T19:57:31.769794Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/microtemplates/source[3]","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"6613c8a697a118f65bf3d9f380907d97","sha1":"6efc80326892c7d5ea9749164eff813359f58964","sha256":"61e2bbf236de13c2adb732aabea5f58d614a8d85d9e8c8750e846b26e4d05aa2","sha512":"02ba01aff66609b71f51edebfaf46c94f6963c42c329f7e2eb6ee8fb2b81e9ca9fc55a556fd492ceecb9c9b29d84b2f9da665ab9b54c8c0c17974a80b87f904d","ssdeep":"","tlshash":"37d02bc6b4a021e842a35968513e761f3129d70c5051ac4dcf4cc5a15df7aeafe094f8","size":279,"data":"","first_seen":"2023-04-18T02:32:55Z","last_seen":"2026-04-04T11:42:40.85961Z","times_seen":687,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/microtemplates/source[7]","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"de4890d682457ece9d1231bf901a4b7b","sha1":"7c1582ab0daae07f3bb8f11882e5987dae1eea03","sha256":"662854444f6dd02beb0a7952e7f26532dee54687e942572180d753d14844c2cc","sha512":"7eba88e62bc0ab8ee3d1679764f80f132e56d798e36f8a8bd142712b1fea3559ca8fe8128e46b5a5ae25915d496258a6622f5b88790bde01bce6471e73cefc5c","ssdeep":"","tlshash":"c2d02b86b47222d8527316e8022645771168e52dd0506948ca4dd630947fb276e0d53d","size":264,"data":"","first_seen":"2023-04-18T02:32:55Z","last_seen":"2026-04-04T11:42:40.896217Z","times_seen":627,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js2/jquery.autocomplete.js?v=2","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"62caa296be14be906a7c5415be57d153","sha1":"c20b9871aaae06315611742f7ca6e5616af8bf73","sha256":"01871a2045b0e5aa95224037d2722be8c264fde02838ec93059f58058ff75b4a","sha512":"f442ecbfbbc620a32b2e9eb1980f467f133978e85913da7898730c36f18689b61cec3b54b592a6efa168de1f4ccc26f16850cbeb0f99aafe5e4f43925c4eaa0e","ssdeep":"384:EC8MCaAlHqBlgr2q7rLXej2Jy7fwaoSXo0TviE:Em7qr7OtZTqE","tlshash":"a3b2fc0979e3226252a7707e8faf0008b676a157240cdd50bd1ca7d02f54938b6f7fd9","size":25222,"data":"","first_seen":"2023-05-03T23:02:56Z","last_seen":"2026-04-06T00:05:11.789328Z","times_seen":785,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a0cc32a84dc7cad15595ebad463f0356","sha1":"94194ef3053ffc70133d7c8d54b779aa04de83b7","sha256":"c0da6bf877f0997a94c4f49337eae720b725e815639496b1c6713f53b8269749","sha512":"bafb0c50134359880c0f5f40b3ecda87d4c234dbe597eb6b790de0d336cffe3889e6c12aa101de49ee25f0127c3689cdec32a45f0119670a338904c342c3b200","ssdeep":"","tlshash":"5af07d729f2f1805e1ff639a65dc6440bc3590226ac485b9f535d81c1fcc76c1b21735","size":656,"data":"","first_seen":"2024-12-26T20:00:54.090047Z","last_seen":"2025-12-07T18:23:09.331361Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js/player.js?t=a520251208","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"80b15ba362c83a5ba2bd23043217f209","sha1":"1aae0b3051ae26847ed452b8d05fcaf0104374e4","sha256":"c3263e523ecbc44c7ca091551c4860c75cad83307b3afa01a3998251d161835d","sha512":"b4f41b1e8845a625e937f16bb222d7418a4f7f46b09ede5caf02f26f3ee9bfbcd56bc8abde4a82ee2645aa853e2e80759fba77c93eb4d454735b7e176da26f86","ssdeep":"192:IIsrTugViEEzhnNTWf9iEfSLXhSLxtBBl+veIODMCYoJuDpcGnj:IQgViEeNTWfoslCEYocDpcGnj","tlshash":"d5223b133b25a9d043fa4b6b1bdfbdcbe5a883431e3810d7c7307e985974a41a266e34","size":10311,"data":"","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-05T19:59:04.414893Z","times_seen":730,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/one/common.js?v=6","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d16c48bbb1b2be1d1fe02e7607cdc3aa","sha1":"8937d78a741d627118fae20f504eb028a6ebc3cb","sha256":"455c2c60d95d6f51bdd136fe90d37f7ef9db5db723d84a7d24c446ba2292a65a","sha512":"6e4308d0fe1e8f45876ff388e4fee20612a4b227a5103cad9d6a1ec2571ab595dd1b0fe2ada6da9d2d34f37872da81864274b5ff04041aff4f9dbbefa657c338","ssdeep":"","tlshash":"ba21fb1ad1a338c4393778620b0f08c4d29652ab4d14e14afe8eda400f50c3d61fafd4","size":1276,"data":"","first_seen":"2024-12-26T20:00:54.076148Z","last_seen":"2026-03-26T02:29:51.424998Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/microtemplates/source[0]","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"fed5d9c2aa8ce1ca9b2cdcc1bf78a76f","sha1":"2be2268e87842e1b71bc636c59fd3501a2962e9d","sha256":"e466342e29693b661bdbb77424388fff4779ea4abccba3fcdc1789877580b65a","sha512":"362c191c78da14af4998b135f0ef35206de6739068d17690cfad6f7d2ed0e9b972aa491e673244ffa28bcdb0596832692f9940bb174e447598d4d7604412e0d6","ssdeep":"","tlshash":"21e0a3e5d4f562ed23051268110b5617215cc54690c8754fd9bac6b0ddb7d95490c23f","size":420,"data":"","first_seen":"2023-04-18T02:32:55Z","last_seen":"2026-04-04T11:42:40.87511Z","times_seen":695,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/microtemplates/source[9]","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"6a718120e45e82b45dae950a61a6e858","sha1":"9fe9bc08f53bde7e50fa8cae41ebf91df2fdf0a7","sha256":"0092e21f46049ab1ad7159fb97a1c8c0e0e32e16331d0df09be82de22d575e0a","sha512":"1b46f06cd3eca4946835719741ce6ee6072a77bfa8565f880567ad7078bea3502c5c398fb4c29f1fb034e2694bf32bf4869b1ef75e326cfcb72fc7236fa9a954","ssdeep":"","tlshash":"f251270431bd03b001fbd51d7a3ae221202af952c02596dfbf5a7f6c54f65e2395be05","size":2504,"data":"","first_seen":"2025-11-08T21:05:04.519216Z","last_seen":"2026-01-03T19:57:31.761015Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"a9e24f3258fecac69fad37a6885b9589","sha1":"f1fb70fea99118dea4cc83a491dc738680d8023f","sha256":"41b4ec87610c8dca9de8139ec6512242f006f3b75dd0c1cf11e8fafdd6a62865","sha512":"8b7344ff653b0ff01339f075bd27a65bec4f848dc2ccd88dba20542a158af912ab71d944ea89517d300590d5a03ec2f2c2f9c217cae4551c2a3bcd369ad5d6d4","ssdeep":"","tlshash":"9d011521520d3028d857b260f1f0de8c1735488bab224f68c8737c31a18947e1825d6d","size":713,"data":"","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-05T21:37:19.359846Z","times_seen":2780,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"2a6a9b44af8324e12008517d1758f93f","sha1":"a7e27e41081e984e9362bb9a92bfd3add1f4fcf4","sha256":"fb85ae688c4296550689e1cb06c20131c71e09b5f60ca6c4ac353a5562b840c5","sha512":"595e736fc074bfb9d3a32dfc39e0abf1e9a02fe89d14411d50e7582d344c4fe921972000fa0a32e975e8e7397b8139e6954bf56ea93fa7e56aa3ae25de0ceb3e","ssdeep":"","tlshash":"129002056d05e054051098844930951855108498a024965991a61a445e141c80d6a411","size":47,"data":"","first_seen":"2023-03-07T12:12:30Z","last_seen":"2026-04-04T04:36:49.897287Z","times_seen":397,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"images2.imgbox.com/99/bb/xcUzmXw6_o.png","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /99/bb/xcUzmXw6_o.png HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 182880\r\nvary: x-s-token\r\nlast-modified: Tue, 01 Apr 2025 04:54:06 GMT\r\netag: \"2ca60-631b0538cb780\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":182880,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 200, 8-bit/color RGB, non-interlaced","md5":"61348879cbc4b482626044d418b6a657","sha1":"708bc48518e4106d4692e4532dddc179a6326ad2","sha256":"d1bcde692b84406918fe6ce419cc968721c3ec91ca46ab5660dc9b7919f28da7","sha512":"8ac80ade4ddcf5d3332943bff653ab40f9f7fe1189d1e27866d778aeb2f7dd6745561d9de68827b377c5e00c84e9ab2513bca07a3e5ebcd96b8dcf5f615eb124","ssdeep":"3072:PODVmvEdPjBhdqEzH5JrY6oL3fTAB+5VtPwaMRDkpi3dkDD06RlH:POJdjB7rDY603bAk5yR4wCDD06RlH","tlshash":"6c0423aa09f68d8140896937eeb453a4ffba56e5302b50ee21f71c037502c64a977ff4","first_seen":"2025-06-06T16:44:38.144943Z","last_seen":"2025-12-07T18:23:09.221455Z","times_seen":6,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":260,"dns":0,"connect":0,"send":0,"wait":38,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/81/40/DjAYXHsQ_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /81/40/DjAYXHsQ_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.14.2\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 168891\r\nvary: x-s-token\r\nlast-modified: Wed, 29 Oct 2025 13:29:39 GMT\r\netag: W/\"293bb-64255dd7eec00\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":168891,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"fc87ae60b442416aaa5de74446ea099d","sha1":"470e7584c59b27e32298e7dfa92fbb6c4bbe4473","sha256":"7476e0d6f2f8e1f47f92e97f1ba21023f4d2fedf11d5a4414065df984d116388","sha512":"3ad6f92c16688dbcb006f58dbb14ac12428af5285db1a13d9f921e00cc4dfb736e64e9caa79ef68c30554939150393cc8ee3dc3f1975ee49cdc80622771ebe88","ssdeep":"3072:LqMRf2p/QwCQ/QT+q8cbNygnluLikTJo2kiBdQuk/P9JZYKCPSt3a/FcK:Lr25/QDlZlutS1IdQukX9QKCKt3adcK","tlshash":"99f31298c5104b83e4f56cc22cf5011e36bf0daf67aa4435b98fd0539c9a07aa74b9f5","first_seen":"2025-11-10T12:17:23.63187Z","last_seen":"2025-12-07T18:23:09.223121Z","times_seen":3,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":368,"dns":0,"connect":0,"send":0,"wait":27,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/disable-devtool@latest","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/disable-devtool@latest HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6646\r\ncf-ray: 9aa60ca8f86fb1b8-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 0.3.9\r\nx-jsd-version-type: version\r\netag: W/\"4514-YJEJ2C3rDH3T2dISgI3LoFSM49E\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230143-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 42997\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=cMNQFRk3%2F54Vjf0m0z7Z3A2s0eTSQ8FfRwPQq8loLOO%2FOcXmEnGeYaTZdOW1CLi9Ltw7qfjIlSCXHdQyesmNXKL5nCxZWPWW1qpP9EC9oDRllWpdVs%2BuQRvPy9gvjAfrHBs%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17684,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17663)","md5":"7fa174926682313cc5a067077b0bb22d","sha1":"609109d82deb0c7dd3d9d212808dcba0548ce3d1","sha256":"5a7b9b2c807f85575c9ebc1f508e849b53430870b2d0fb6c02b2de3df661cb63","sha512":"83a593d4b8648b78031259becd96b4c33226e9462c2e26013ee0746ff58a7b710159d0d380d001d7740e9485ee346491c16e3fdb0d334f5b6cfabe6f90cda9b6","ssdeep":"192:m+5ekRvDLCpBK+BpP78nPk6O9ShgzsqcSYV0GtI+uwicvsbIUiJE2KmnyKU:mLiPCvRvT8nPk6cSCzsqGVJeZcsb8S9","tlshash":"0582c4ccb48270715b77a9e9507f454ab23aae96888c8040f13ed8e42c7c56ec267f7d","first_seen":"2025-08-02T03:49:54.562881Z","last_seen":"2026-04-06T05:03:16.321057Z","times_seen":3610,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":4,"connect":2,"send":0,"wait":13,"receive":1,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/template/default_pc/statics/img/favicon.ico","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:38.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /template/default_pc/statics/img/favicon.ico HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nCookie: recente=%5B%7B%22vod_name%22%3A%22%EB%8B%A4%20%EC%9D%B4%EB%A3%A8%EC%96%B4%EC%A7%88%EC%A7%80%EB%8B%88%22%2C%22vod_url%22%3A%22https%3A%2F%2Fwww.cytv143.com%2Findex.php%2Fvod%2Fplay%2Fid%2F3499%2Fsid%2F1%2Fnid%2F8.html%22%2C%22vod_part%22%3A%22%EC%A0%9C08%ED%99%94%22%7D%5D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\ncontent-type: text/html\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FMpcsvc9mz3oXUHl26WgMhXZNq37fzrnsEIEznuis8OsVSQvvDh0GLbPlWx6EDe%2FBDCHf596OmYh6Gp553gnM5xQTwIYyCm5A0gMPhwGlQ%3D%3D\"}]}\r\npriority: u=6,i=?0\r\ncf-ray: 9aa60cafbb581525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":293,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"c48578a818ae6b454c6780f9e23f6a0b","sha1":"45b03688adb071557fc0887cb40c13962f864330","sha256":"b3b5c957df51922c0f234e4d3a00db40b471d269c5a5b2377ac2d16cbf7e0c74","sha512":"5bcc19d282da824bc058cab84cbe5c001b9c47770d01267f67e681d75d9258a6ce6aa3fe1c0c791a78dd0aaa8cc144f8f68a3aaba75b81ba454d847872826d74","ssdeep":"","tlshash":"e7e0c2c740021419526182302ee1310949cb7eeaaba60c818c97b1ffccd9f48c4a7aac","first_seen":"2025-11-10T12:17:23.653904Z","last_seen":"2025-12-07T18:23:09.22533Z","times_seen":3,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","date":"2025-12-07T18:22:38.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xiaoca.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 1256\r\ncf-ray: 9aa60cb0eb3cb517-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 2.15.13\r\nx-jsd-version-type: version\r\netag: W/\"cbc-srYOuvk7KjepqB4L/JRmrHznPEo\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220068-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 33050\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=XBLg69Rgg%2F6gKO8Y79UdefSJqdDpUJi1UBovFWrUHYLJRY%2FeEPLUzGYplMs5X5PwsG%2FOvskLvxR%2FINa6q%2F94cCbp9Jhb4hIWIrAX14E4WETIOO3rZLsL%2BBofvgyuUbUf2Xw%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3260,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3260), with no line terminators","md5":"f9acfffb9ca4835e965ec668f00b0096","sha1":"b2b60ebaf93b2a37a9a81e0bfc9466ac7ce73c4a","sha256":"60d7095c2958ace3a1d1038e94616f856feb0d7906c42a6e8e33941481cd6ddd","sha512":"9abeb7320521a93beb16145d15824b6e662e94cb4713d70728f409b026cb041d843452a3a15d495f4efea8e89b43558460eacffa82fa114e84e0a68e87adaec1","ssdeep":"","tlshash":"1d6162897da0b4b253e3a694c13f010af33d857a8198c140a2a9e9f4acf505f96a7f1c","first_seen":"2024-09-14T18:55:50Z","last_seen":"2026-04-05T19:10:38.272096Z","times_seen":179,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/template/default_pc/statics/css/stui_block_color.css","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /template/default_pc/statics/css/stui_block_color.css HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 27 Sep 2022 13:19:43 GMT\r\nvary: Accept-Encoding\r\netag: \"6332f86f-1691\"\r\nexpires: Sun, 07 Dec 2025 22:29:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 28387\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yyT9KPxUIU3Oi8zma7FeoD15VM%2B3nHVgBo%2Fyl3ytUXVYjWcpY3otKK7P2lXcv93gx%2BWLg3vxX0mnZh9N9V2d0LcYHAiSS9ZGMPWzArwk9A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60ca889d31525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5777,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"2b0babb14667d2ecadd0373fbde48432","sha1":"05046a61bceafc3cd1859e3041a55b5f2b20fd8c","sha256":"06e52ef60106533bc8f61b4ac715eaeb80081cf4d7d8b311ff03fd9a19f6e7b9","sha512":"848aa643bae3f53e9e25b04112cc607a1c3be0686e1764026e9eced682e9dc29d979839e5bb907f9b6136f7200970f77b2d3fd9df873857110c2715e04e46c34","ssdeep":"96:tQNwjF+NkGn9dh+LPwnrXdd/A99MwNFFjIW3chOFRTlfahKt230Mm:cwjF+WG9Rb/qpFFjIgchOFRZfahKt/","tlshash":"e9c1cea0d2494426315fc7ee38f0e55173a6b1e0f9056fbe7f672094fb0d0d9683a691","first_seen":"2025-06-06T16:44:38.116346Z","last_seen":"2025-12-07T18:23:09.22727Z","times_seen":4,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/6c/86/wH9ucDB1_o.png","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /6c/86/wH9ucDB1_o.png HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 81750\r\nvary: x-s-token\r\nlast-modified: Thu, 09 Oct 2025 00:41:38 GMT\r\netag: W/\"13f56-640b8cba4cfc0\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81750,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 100, 8-bit/color RGBA, non-interlaced","md5":"56593fcdc7a4fdd1aeb78fecb275eae1","sha1":"78135f02f1f31a7920fbe7dc824ee2c9528117bd","sha256":"8067802559be8e295767238357706858b21295664b507db1efdb0fcfda008b09","sha512":"93d13bfd75c63e6fea03c699c2f9e2a978b82d920a80dbb7979552237beca36192dc294bc083aeebe58c5dcc8608ebbad59a6af8ca7ac1d90698bda87c8e69b6","ssdeep":"1536:zApmliSqsYm7Tj4rvA7A7j3B08NskzhTM3rdXT4gzFT7VCXuXBZWWLP+0q:0mkS9wjA0x08Pzm35XB3oiBAKq","tlshash":"e983125d22ffb7211bc65ef16920804e71de71dad4668f30b826fcec6012db426e6ac4","first_seen":"2025-11-10T12:17:23.682388Z","last_seen":"2025-12-07T18:23:09.228581Z","times_seen":3,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":101,"dns":0,"connect":26,"send":0,"wait":51,"receive":40,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/23/44/xfcrSWtI_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /23/44/xfcrSWtI_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 2094785\r\nvary: x-s-token\r\nlast-modified: Fri, 21 Mar 2025 02:13:13 GMT\r\netag: \"1ff6c1-630d0cbee8040\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2094785,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"c2b8e2669a48dcb566903944c3bb7492","sha1":"f796f3fdaeef23062abe1f4dd405338aaeb1f271","sha256":"e465c952bd2bdb35aed16fe63b9c6f9a12491408fbdbabdd6ad5baa9e1d85dd0","sha512":"04c36721d5f72794eacd26955c135fe894b51a31b68fbb79afeb7f5a30ec2b9eadb2ccc165884580bf7522bbd7e98145009fcbeca3c8e999c79684137ea0a084","ssdeep":"24576:tIuadUXSQw66zLjsZaIIk4JLXYF4GN27yCqVB1Z:tradUXP7EEaIB4JLIO2C4T","tlshash":"362533599c3d1199c8f22afc4d76ce8a333ef86ae7c805094c48615ab6cda7f9617e04","first_seen":"2025-11-10T12:17:23.66023Z","last_seen":"2025-12-07T18:23:09.230161Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1312,"timings":{"blocked":122,"dns":2,"connect":29,"send":0,"wait":55,"receive":947,"ssl":152},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/cd/e0/4QzYL2qz_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /cd/e0/4QzYL2qz_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 380328\r\nvary: x-s-token\r\nlast-modified: Sun, 07 Sep 2025 04:55:44 GMT\r\netag: \"5cda8-63e2ee228b400\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":380328,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"7340d2a63dc0c8987d8f19a187288d02","sha1":"58cd72b58606249b3b02028a22e73dc17301301c","sha256":"57c487d5b78ac63271361ea5efb7b5d7f14e68a7d8dd0e0581b0e274b5206ec0","sha512":"a4beded503a35b9be0644b51bc671fe6da66252ea8309c90ff7ccaad1117922415987bb92207c6c8b57f83bc16026501e5b022983e1cc6b1142aa0cdc9b694d9","ssdeep":"6144:OdVVhq71I3F3PWZNB6UvWzAOnHZVAWbwubaJ36xO21+xTceEC2gtiHIsciT4K/h+:4VO1I3wN8UvWUO5/XeJ3QF1qNx23H7Nu","tlshash":"ac84232bc80306ba163970355c67cb1636983c5272a9aee7390cff59f53dd3c4136a6a","first_seen":"2025-11-10T12:17:23.656561Z","last_seen":"2025-12-07T18:23:09.231446Z","times_seen":3,"resource_available":false,"data":null}},"time_used":532,"timings":{"blocked":121,"dns":3,"connect":29,"send":0,"wait":57,"receive":160,"ssl":152},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/ad/js/react-dom.min.js","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cytv143.com/ad/index.html?v4","date":"2025-12-07T18:22:37.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /ad/js/react-dom.min.js HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/ad/index.html?v4\r\nCookie: recente=%5B%7B%22vod_name%22%3A%22%EB%8B%A4%20%EC%9D%B4%EB%A3%A8%EC%96%B4%EC%A7%88%EC%A7%80%EB%8B%88%22%2C%22vod_url%22%3A%22https%3A%2F%2Fwww.cytv143.com%2Findex.php%2Fvod%2Fplay%2Fid%2F3499%2Fsid%2F1%2Fnid%2F8.html%22%2C%22vod_part%22%3A%22%EC%A0%9C08%ED%99%94%22%7D%5D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 17 Apr 2018 09:05:25 GMT\r\nvary: Accept-Encoding\r\netag: \"5ad5b8d5-1e3f1\"\r\nexpires: Mon, 08 Dec 2025 05:15:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 4049\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ma%2BAtWSn2WTa7rZigD%2BqR7hNkKEuLR4JjMZ7%2FJL6OKEaRdhA5M7ktsmdUGgW8BzxEfSFLNfMf4eXY2f5crERXXG78zmTqOMiBUjXE3lYJw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60cae8ad81525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":123889,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32015)","md5":"f9265a487ab6e128d66c4e01a4b530d3","sha1":"13e6999c59dcf556863d7b8eecde0a41b22eb7e1","sha256":"bb32b062e1f9d031f30d8af787f067a6fec2e5024d5231c4a55993dd7baadf0c","sha512":"ba18f80919362ef5e84690334e490430e28fd1c4c094c64546841dd4274d9dbca89a0bac697d80673904add7142afe286b47dae7985599587a20b3f5e8b4529a","ssdeep":"1536:RO7VCzMS1WaSGtwtZ/YH6NbKp6dK6R7N4ina:ROgzNr18oqbK0BNC","tlshash":"b5c319983280b46717eb927c527f2807b2bb11195c0dc824ba65d8d8bbbd95d133bf6c","first_seen":"2023-05-10T19:16:03Z","last_seen":"2026-03-26T02:29:51.4341Z","times_seen":61,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/clappr.min2.js?v=10","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","date":"2025-12-07T18:22:38.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xiaoca.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Dec 2025 04:48:12 GMT","end":"Sun, 01 Mar 2026 04:48:11 GMT"},"fingerprint":{"sha1":"B5:D4:73:96:3E:EE:AA:5F:FB:F5:97:10:50:DE:28:6E:BA:E7:56:2C","sha256":"B1:28:E3:3E:E5:C6:52:43:15:79:61:92:E0:C5:02:DC:61:6A:4B:C8:05:A3:4D:B8:73:19:50:AF:DB:11:63:2E"}}},"request":{"raw":"GET /mediaframe/clappr.min2.js?v=10 HTTP/1.1\r\nHost: xiaoca.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 22 Oct 2025 07:08:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68f882fb-806e9\"\r\nexpires: Mon, 08 Dec 2025 06:22:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-security-policy: frame-ancestors *;\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":526057,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4cf6dd122978a6f622faa9a6fd830a04","sha1":"3b8be187c208308a0b3575695a40e7fdb0ddea6c","sha256":"d9c533f886996d48515a61d197c35cfb6cf2217b1c6ccf652c9629bc9ca567c4","sha512":"ca5a6f46054ef3227117cb3b9ead81422d39bfcdcb6bf2d56d63b3368036b53a2f1c361426a746fc8a01a03fac84ae5c3aed03893ee5104eb6b9e52496316cca","ssdeep":"6144:Z21fwZI3wKqMSxeUKn5+q4jc7vije4RDFv7VTG:ZUoKqM9Upyz6S","tlshash":"96b41b9876d5b0654393a0b8503f020b723bad6e7009a1ecf76de9e95db884d6037f78","first_seen":"2025-11-08T21:05:04.49369Z","last_seen":"2026-01-03T19:57:31.741427Z","times_seen":5,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/48/ca/CnOOjuSF_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /48/ca/CnOOjuSF_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 162656\r\nvary: x-s-token\r\nlast-modified: Fri, 15 Aug 2025 05:20:28 GMT\r\netag: \"27b60-63c608c431f00\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162656,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"75f3dedd93da1923404fb772f5b08a36","sha1":"19a7b0f213c6f4668334b91e9fcea753ac160ccb","sha256":"baebfb7fa90a79a24aee9d95514f2db568e6952775baf17f458434f5937170ce","sha512":"2634e8aa45fe7921a72795b6554b01ef15c3fc5d676db9b89f8716ac5cab6657c6504df6a592261393c77fb45a9aba3e03548bdfa93f19cb72c82bec2425e0b1","ssdeep":"3072:f2dXD8AXITysRNYOoa+YQMqj8VeFt+jHeqiJWy+YnK0eDY0reiyvX+5rKViGV:edzRXITdToS/HkFtX/WKKDteia+5rqiu","tlshash":"14f3020704c7074fb5b9370a8a56cf0a57a09c26130573ab7d38add25a9accb42edf97","first_seen":"2025-11-10T12:17:23.643061Z","last_seen":"2025-12-07T18:23:09.235696Z","times_seen":3,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":387,"dns":0,"connect":0,"send":0,"wait":32,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/6d/db/bgSSkqGY_o.jpg","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /6d/db/bgSSkqGY_o.jpg HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 41982\r\nvary: x-s-token\r\nlast-modified: Wed, 03 Sep 2025 05:36:23 GMT\r\netag: \"a3fe-63ddefc2b63c0\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41982,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 400x100, components 3","md5":"40905efe68771bf0e06797577bd07d2f","sha1":"86697a56ff5efd5a7622866d305956aae772393d","sha256":"3b7d8a01e86b8ea55063385b419be38bb0d05203a3f8bc3a8192663cb401a5d5","sha512":"ecf8439528dec5124b70db3ee9f49618ff339c03362f0ab658d001e56d65443caa5aa7e1f42fcc931c3c88d18edf14d6e4137e42b3306abfd128d011d4820574","ssdeep":"768:rOCpdoBVPKzbzrnGwyAZtYmG02rZhfDinwmVhkkrpX2UP4uW:5pdoKHbG22rznm/JrbPo","tlshash":"2113f2298de8b6116ecfcb19213b9a0c0bb1c902125c93df53bf05a5b5910f7f676b15","first_seen":"2025-11-10T12:17:23.662575Z","last_seen":"2025-12-07T18:23:09.242275Z","times_seen":3,"resource_available":false,"data":null}},"time_used":426,"timings":{"blocked":397,"dns":0,"connect":0,"send":0,"wait":27,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:37.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xiaoca.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Dec 2025 04:48:12 GMT","end":"Sun, 01 Mar 2026 04:48:11 GMT"},"fingerprint":{"sha1":"B5:D4:73:96:3E:EE:AA:5F:FB:F5:97:10:50:DE:28:6E:BA:E7:56:2C","sha256":"B1:28:E3:3E:E5:C6:52:43:15:79:61:92:E0:C5:02:DC:61:6A:4B:C8:05:A3:4D:B8:73:19:50:AF:DB:11:63:2E"}}},"request":{"raw":"GET /one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8 HTTP/1.1\r\nHost: xiaoca.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nset-cookie: PHPSESSID=4cvom9gk8lkg0pb9fbe7878qs5; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-security-policy: frame-ancestors *;\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7549,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"79d3f7752a262cae6a34822f0ee605b9","sha1":"0dfcc8f74a5be26389cf8628fea3e0778ad719e2","sha256":"2e28cf5bb2c8c32712b3e221e783e5e2e084d752041f354e280c5b6b7f91ac40","sha512":"39ec6bf1697d6ef35d8822ee50702d550fa928d1ec9f1592b5648f3686e119d9d887ec5accb9e5f40d03c6b5b7729dc2ed68af0eac9b3fced213aace796648a8","ssdeep":"192:mCiejYztBt7JCu4MeegniWF6a8uWI638ZbolqNdao7EM5SeQxZHYlMApb6gJGpdw:ji7b9aGwolqyo7EMdHlMApb6gJGpdOiy","tlshash":"54f13f56eefa411d602750bc56feb288253ec433d506ccadbeac76109f852ad5893f88","first_seen":"2025-12-07T18:23:09.250656Z","last_seen":"2025-12-07T18:23:09.250656Z","times_seen":1,"resource_available":false,"data":null}},"time_used":907,"timings":{"blocked":368,"dns":33,"connect":171,"send":0,"wait":170,"receive":0,"ssl":162},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/template/default_pc/statics/font/iconfont.css","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /template/default_pc/statics/font/iconfont.css HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 09 Dec 2018 08:51:12 GMT\r\nvary: Accept-Encoding\r\netag: \"5c0cd780-4d35\"\r\nexpires: Sun, 07 Dec 2025 22:29:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 28387\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FaAwLpmWOCl5NlhbGCG8tfy%2FOt0oI47M54l%2BzW5CyNUwWZmVokjJUQAo2KwpKKVNDZo6Al3oWmkSSHl4ru9GzKET9lTwci7LjcNiUPpSbw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60ca889d11525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19765,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (16467)","md5":"25ec004ca1e6ac34cba489cbfa2ba441","sha1":"56c4561e8b1ee8b6ca78018a63bd4260204fd17c","sha256":"c4b5bd16643fa644f81c18e271f5a41ccc58544d22279a89e8ff50a231b492bf","sha512":"dd56a6f4505959c9415acc0a5f06186099ca07ec5cda5eed8d4334e93c19807de3f80d1ace851a2a394ac68bfd658b2e64db10d644e7dfe9358205f63cd1c51c","ssdeep":"384:6DvOCmyD64axmrZmdyES6+OZz12R1Z6Evzl5b4:6jOCjDxakZhJuF12R1Hx5M","tlshash":"1f922af7897d28b11710f495324362859f94766a9a820c5ff04b2d8ce7f3218a297fdc","first_seen":"2023-04-09T08:07:34Z","last_seen":"2026-04-05T18:01:15.123067Z","times_seen":539,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.3.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.3.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1538f\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\nage: 4779276\r\nx-served-by: cache-lga13622-LGA, cache-hel1410027-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 65, 278115\r\nx-timer: S1765131757.985449,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30288\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86927,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-06T04:55:56.993392Z","times_seen":118547,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":32,"dns":1,"connect":28,"send":0,"wait":31,"receive":11,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/e1/fd/nD2EcwW4_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /e1/fd/nD2EcwW4_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.22.1\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 68271\r\nvary: x-s-token\r\nlast-modified: Fri, 21 Mar 2025 02:16:58 GMT\r\netag: \"10aaf-630d0d957ba80\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68271,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"a17e56cdb5420ecabfaafdd7cb141af0","sha1":"0da61ae47d50cba79895b0d2b546adc253cb393d","sha256":"1b9de0b06241df9f7b053a4cf48bc655156c989e57cc3d3f0090c1e3246cb920","sha512":"afdd578c22b39aacac424d41ffc24e9b09c6292ae5a1d8c160bd2dd78fa5abd57e2b2e02ada99fa58e83dd522064f2a958ebfa301c2fae3b49d09c542be6d2e0","ssdeep":"1536:Op9PaCa0cHI8y4nrnPozgNOLEBmjUn1zZqtCxBZjrJinmta:49Pha0X8y4n7PojeqAxB5Gmta","tlshash":"356302ee4843a1561b9270aeb55ea70da4f34da7a31115db3a70e3310fd8167ecb8293","first_seen":"2025-06-06T16:44:38.146736Z","last_seen":"2025-12-07T18:23:09.254969Z","times_seen":6,"resource_available":false,"data":null}},"time_used":402,"timings":{"blocked":368,"dns":0,"connect":0,"send":0,"wait":32,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/index.php/user/ajax_ulog/?ac=set\u0026mid=1\u0026id=3499\u0026sid=1\u0026nid=undefined\u0026type=4","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:37.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /index.php/user/ajax_ulog/?ac=set\u0026mid=1\u0026id=3499\u0026sid=1\u0026nid=undefined\u0026type=4 HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nCookie: recente=%5B%7B%22vod_name%22%3A%22%EB%8B%A4%20%EC%9D%B4%EB%A3%A8%EC%96%B4%EC%A7%88%EC%A7%80%EB%8B%88%22%2C%22vod_url%22%3A%22https%3A%2F%2Fwww.cytv143.com%2Findex.php%2Fvod%2Fplay%2Fid%2F3499%2Fsid%2F1%2Fnid%2F8.html%22%2C%22vod_part%22%3A%22%EC%A0%9C08%ED%99%94%22%7D%5D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/\nuser_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/\ngroup_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/\ngroup_name=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/\nuser_check=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/\nuser_portrait=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1iV3huKXqgiyTmWxEUptXn9fPPs7tLa8LEZMxWvZ4m1D%2Bmnn0%2FIJNeIx4pJlUMtbEh%2FLB%2FE5EOTvl5j0R1za7BMYJXh2RIFnihrLwdPwZA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60cad7a931525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"e94b985b38952107e6a317c1090b9558","sha1":"d472fb1913bf889c8fa43518be89189557bf8371","sha256":"36db3ed626f3f449e9b3aa7f8713194a7a1d0929fb09b7a9f31288e03a3c8b23","sha512":"9b4addea098a6b4ab67beca0dde9cd29c01716665cadc12d323c5980a16ebd0edcf65017fe1dcc83a20839071be187dd74311a90721e24bbd5a5406902bf865d","ssdeep":"","tlshash":"cea01215046f818348080c8c50c606140168125408094604dab4f9184618050534d4a8","first_seen":"2023-04-09T08:07:34Z","last_seen":"2026-04-05T23:53:24.259729Z","times_seen":2167,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/clappr-pip.min.js?v=10","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","date":"2025-12-07T18:22:38.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xiaoca.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Dec 2025 04:48:12 GMT","end":"Sun, 01 Mar 2026 04:48:11 GMT"},"fingerprint":{"sha1":"B5:D4:73:96:3E:EE:AA:5F:FB:F5:97:10:50:DE:28:6E:BA:E7:56:2C","sha256":"B1:28:E3:3E:E5:C6:52:43:15:79:61:92:E0:C5:02:DC:61:6A:4B:C8:05:A3:4D:B8:73:19:50:AF:DB:11:63:2E"}}},"request":{"raw":"GET /mediaframe/clappr-pip.min.js?v=10 HTTP/1.1\r\nHost: xiaoca.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Apr 2024 03:39:23 GMT\r\nvary: Accept-Encoding\r\netag: W/\"661f446b-43c1\"\r\nexpires: Mon, 08 Dec 2025 06:22:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-security-policy: frame-ancestors *;\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17345,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (17345), with no line terminators","md5":"d3370a6201cc4384aed4eb64e05da3fe","sha1":"44aa3a3480bfe052adfd8b8001106f8c1525a57d","sha256":"435e0757ae8e8e029e968f781a05e89471f0ceccf265f8a17d49941c03750d83","sha512":"c477b209615cd06dedec3a9c93e7d7b2e58cf11fc4bb5e1390274c373681a60ace566fa24da362155bc1ccd3fca664a85b590809005e8ac346de14c95b5c742a","ssdeep":"192:3/6h5JVDsLYYm+26s5DURNMtu+QshN/AudDSNL4NkEBMLSXQvVKPohiMzjQQqy4p:3/6HDUBSBkuE+Q6RTd1q6ohio4X5","tlshash":"c172749c76b1f0a693a3f2b8403f300ff27659b9149990a4b735d8e0aeb454c9127f6d","first_seen":"2023-03-07T12:38:40Z","last_seen":"2026-04-03T19:26:51.359197Z","times_seen":108,"resource_available":true,"data":null}},"time_used":485,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":485,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/de/b0/W1kD7vjl_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/ad/index.html?v4","date":"2025-12-07T18:22:37.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /de/b0/W1kD7vjl_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1032505\r\nvary: x-s-token\r\nlast-modified: Thu, 11 Sep 2025 14:43:52 GMT\r\netag: W/\"fc139-63e911cb3f640\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1032505,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 862 x 491","md5":"1afb78f43a8d170d065de1cadeeec0a0","sha1":"9470e32387d62b05c3ef91f231dfa22d152925f4","sha256":"6e2c2de63ccfc0ea2e4c94a52f7cdf1f15ce9ef7bb5afbb814679428c97a1327","sha512":"5261d9f3a34e00e5abc8714eacaf4a4961562052f93fe0ecf27887f5b52bb66dd86e970f0a8075c77888cd298a847b9d41687c660ebbb5539752fd75737a72b2","ssdeep":"24576:mbMdGHQP6DlEcZjG5xHyYQ3T2dK+SeAr1eoYu2v5fd1Vju:14Hi5xST3TkK+g5YB5fd1V6","tlshash":"3825331a982e9e68dc0eb71b78de03c376905cb4120542d1f8dd58dae5bbc2d728bd1b","first_seen":"2025-11-10T12:17:23.633733Z","last_seen":"2025-12-07T18:23:09.269912Z","times_seen":2,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":523,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/94/67/mWa7ux2l_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /94/67/mWa7ux2l_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 128709\r\nvary: x-s-token\r\nlast-modified: Sat, 22 Mar 2025 02:35:26 GMT\r\netag: \"1f6c5-630e53939d780\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":128709,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"d97dc4fc799a8d1fe2e75ebd409cd51f","sha1":"792c9e57e45d1f76fc00f7d0c0ee238c730fbd50","sha256":"eb80942ade1158dde535d8d6692fe0db66c8d71c3dbe047bb83ae35eeeeb62e0","sha512":"ba4e45a03900b1965b6a9cc9a858f01e6c5d56dfe119317782f5d41de25aac1b2b23ac6004a930e1c1756db605a63e7febb7c611e33fe9fc5e17e5e3e605bb94","ssdeep":"3072:xDEXtxi0UcN5GT2f+BpX72aJNkz1KWCiDLP:xktxi0UcGSfML2afOKYDLP","tlshash":"85c302719baecd3bf5a640415e1e1a6de3940cae9c0ce433b6a6a41df7c0a7540dcf62","first_seen":"2025-07-10T06:40:45.829055Z","last_seen":"2025-12-07T18:23:09.27123Z","times_seen":5,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":366,"dns":0,"connect":0,"send":0,"wait":34,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/62/f7/Ilv6nz5G_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /62/f7/Ilv6nz5G_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1406801\r\nvary: x-s-token\r\nlast-modified: Mon, 08 Sep 2025 17:09:34 GMT\r\netag: \"157751-63e4d40648f80\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1406801,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"ab24d9c65c26e40a7b72d25f61b95868","sha1":"a0fa32da39c84fc101432f3a9188039f211d93f8","sha256":"2f6bc2f1f3612eed49f80108cacd9fad971472d51110a2b51c0da95b7f03721a","sha512":"f92726e09e8c5246f94c257d8c0c07a682fac7846ea06f01aafd336665669e41afe5049502708a2e9cc40de24fbc0880f364ea0cf30108440bc9de99f519a8dd","ssdeep":"24576:FjjjjDjjjDjjIigPnNx1xVF4NTzMbNjjjZ:iiWnjJCPMbD","tlshash":"d0251265846bba36e2305c383f46933c1dea7943ced4e7e2ce978c651cc7271625863a","first_seen":"2025-11-10T12:17:23.681259Z","last_seen":"2025-12-07T18:23:09.272464Z","times_seen":3,"resource_available":false,"data":null}},"time_used":978,"timings":{"blocked":119,"dns":6,"connect":29,"send":0,"wait":56,"receive":605,"ssl":147},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sj.xiaoca.top/sj/2025-11-05/17623499257112538.webp","fqdn":"sj.xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"172.67.199.28","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:37.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xiaoca.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 31 Oct 2025 00:17:43 GMT","end":"Thu, 29 Jan 2026 01:16:23 GMT"},"fingerprint":{"sha1":"3B:4D:83:7F:66:CA:77:19:A4:46:90:88:9C:91:FA:D5:E4:0F:D3:92","sha256":"00:52:C6:D8:A6:AC:F9:7A:C0:4F:05:71:59:41:B9:F6:17:33:FC:BF:75:55:D4:0E:C9:DF:51:F6:08:18:4F:EF"}}},"request":{"raw":"GET /sj/2025-11-05/17623499257112538.webp HTTP/1.1\r\nHost: sj.xiaoca.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/webp\r\ncontent-length: 34098\r\nserver: cloudflare\r\nlast-modified: Wed, 05 Nov 2025 13:38:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"690b5365-8532\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: *\r\naccept-ranges: bytes\r\nage: 2043\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yk%2BiC06AEnxW82NumYf1hhf4WUhYDMavd2UralpAtT9MfcreIJYGD03iSgouCVZfFDj7NfxElGEfPOI%2B%2F2BfOTGtPgJp%2FIrq4bi2\"}]}\r\ncf-ray: 9aa60cae2d3ab509-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34098,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x450, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e616bfcbf7d00410b7cce0a2222a3d78","sha1":"a4c0e7c37235815850d59eb22e7787e478182e25","sha256":"736b76d3ca7a5dd3fa1c25d5baafa2ee2e4c8e05dd2f59ebfa33ebe11cc4cc52","sha512":"a7c5bc41c4665d8b43ac57ca004ffe2f8552e8b24180916a961fea03ff26567b2102273387e486df74fa006ccec9fa39d0c7f6528d710030fd37d13cbd67aec7","ssdeep":"768:hxdNExxwrJRzRUEVIL9t8jxy2do+mD+//xioxNttPHOxkScU02:htYxmJDUEVY9mE+ma/JiMXtmxk1U02","tlshash":"f7e2f2921e5763389e216a9d0d30cd38486ac907e7f5db678e08ad5729cc63f889f740","first_seen":"2025-11-06T04:17:35.2266Z","last_seen":"2025-12-07T18:23:09.273235Z","times_seen":23,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":99,"dns":6,"connect":2,"send":0,"wait":12,"receive":2,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"sj.xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/disable-dev.min.js","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","date":"2025-12-07T18:22:38.238Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xiaoca.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Dec 2025 04:48:12 GMT","end":"Sun, 01 Mar 2026 04:48:11 GMT"},"fingerprint":{"sha1":"B5:D4:73:96:3E:EE:AA:5F:FB:F5:97:10:50:DE:28:6E:BA:E7:56:2C","sha256":"B1:28:E3:3E:E5:C6:52:43:15:79:61:92:E0:C5:02:DC:61:6A:4B:C8:05:A3:4D:B8:73:19:50:AF:DB:11:63:2E"}}},"request":{"raw":"GET /mediaframe/disable-dev.min.js HTTP/1.1\r\nHost: xiaoca.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Apr 2024 03:39:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"661f4478-3741\"\r\nexpires: Mon, 08 Dec 2025 06:22:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-security-policy: frame-ancestors *;\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14145,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14145), with no line terminators","md5":"416e6e4e6c7941c887af89c6eebe9cd0","sha1":"8f2c05dc7967a9f9844b9f68cbd0378df34f301c","sha256":"1100fc641f88a4ff27645a20c8fd3c270d2fb3568f702ddc636f4692b401254b","sha512":"15a749c25e7871270116c50d1873f2f0a8ff8cd6f0b2171019b1316f3b6318743d624d19f20c58d2ffdb002b0ac651b23f025774d94745e617bc4b4c941d9f5d","ssdeep":"192:m65oNMzPEGh0XLRbLBG44G93p5D7GyaVXKAva9g2KFjPyTI:mJUPE7XLRbMK9Zo5g4a3U","tlshash":"9b52a48cb992746017b7a6b8543f190ab2397957448c8060b33e87f82d78d6ec267f3d","first_seen":"2024-08-19T22:32:33.802203Z","last_seen":"2026-03-26T02:29:51.432139Z","times_seen":48,"resource_available":false,"data":null}},"time_used":462,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":462,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/one/common.js?v=6","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","date":"2025-12-07T18:22:38.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xiaoca.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Dec 2025 04:48:12 GMT","end":"Sun, 01 Mar 2026 04:48:11 GMT"},"fingerprint":{"sha1":"B5:D4:73:96:3E:EE:AA:5F:FB:F5:97:10:50:DE:28:6E:BA:E7:56:2C","sha256":"B1:28:E3:3E:E5:C6:52:43:15:79:61:92:E0:C5:02:DC:61:6A:4B:C8:05:A3:4D:B8:73:19:50:AF:DB:11:63:2E"}}},"request":{"raw":"GET /one/common.js?v=6 HTTP/1.1\r\nHost: xiaoca.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 09 May 2023 05:33:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6459db3a-4fc\"\r\nexpires: Mon, 08 Dec 2025 06:22:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-security-policy: frame-ancestors *;\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1276,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"d16c48bbb1b2be1d1fe02e7607cdc3aa","sha1":"8937d78a741d627118fae20f504eb028a6ebc3cb","sha256":"455c2c60d95d6f51bdd136fe90d37f7ef9db5db723d84a7d24c446ba2292a65a","sha512":"6e4308d0fe1e8f45876ff388e4fee20612a4b227a5103cad9d6a1ec2571ab595dd1b0fe2ada6da9d2d34f37872da81864274b5ff04041aff4f9dbbefa657c338","ssdeep":"","tlshash":"ba21fb1ad1a338c4393778620b0f08c4d29652ab4d14e14afe8eda400f50c3d61fafd4","first_seen":"2024-12-26T20:00:54.076148Z","last_seen":"2026-03-26T02:29:51.424998Z","times_seen":49,"resource_available":true,"data":null}},"time_used":464,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":464,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/5d/6d/3h3Lao94_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /5d/6d/3h3Lao94_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.22.1\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 186617\r\nvary: x-s-token\r\nlast-modified: Fri, 12 Sep 2025 01:59:43 GMT\r\netag: \"2d8f9-63e9101e181c0\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":186617,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"2b0e4acd617748a01382eb7e0d950312","sha1":"72d62f8f7fe8c3df789835b8bfdcc8d22fff8dfa","sha256":"6305285dcf28a8acb421f963eef1868877819d5d9cc8f8c76d6ba67e653ca29a","sha512":"030c84400f04921edbf1bfcdfd9b72e9d3da70d75cc847b41e5d36dd50902c0899551d39c0705ad34331733ba9218bbbd162870fffcdeeaecfa3faee97f198b9","ssdeep":"3072:z1FaiTKcGGXHKNLakq2qaqsKb5O5AH+gl+arpSs2fqH5N34Bwwf++Rjt0:JFalcBXKN+2jiomeY+wNl4KlT","tlshash":"f7041238dcf869803b1f34a5388fcae7ac0f55454b2dfb42b1456714f3818f526aa4b5","first_seen":"2025-11-10T12:17:23.623128Z","last_seen":"2025-12-07T18:23:09.276633Z","times_seen":3,"resource_available":false,"data":null}},"time_used":431,"timings":{"blocked":371,"dns":0,"connect":0,"send":0,"wait":32,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/template/default_pc/statics/font/InfinitySans-RegularA1.woff","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:37.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /template/default_pc/statics/font/InfinitySans-RegularA1.woff HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/template/default_pc/statics/css/stui_block.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: font/woff\r\ncontent-length: 534712\r\nlast-modified: Tue, 27 Sep 2022 11:46:32 GMT\r\netag: \"6332e298-828b8\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BQugrj14Wj7pdGKIJKt6zlDZe%2BqtH0pwo3Iw2WE9ORFfjIwolRHD69PGmwIRh7bWXnSEkZ7kmTYQFHermk%2BNGc5QpQfln2StK70KpIJQFA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9aa60cab9a3c1525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":534712,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, CFF, length 534712, version 1.0","md5":"a838ddb94f49525fc7ede1c3aec40468","sha1":"8cd5f9c35c7824875e3dc514984dee6a5fbf3225","sha256":"07f4629655e1602b3ba8c1f172fb82491f513fa6be49792e2bfa782cf6578e70","sha512":"52e5e1f528231a27d6cc7dfa0c1eea9d369a18a5299153e02122665331e252f138f7cb53fe49f0cea6ea77db68ccf1e6105d045e087aee02190b82ac47b46583","ssdeep":"12288:fqQdgvXJMOiXGCN9Xt968HlStj4dsZonP04Vb2EvbSaiju7M9:SOgvZMOgGCN9Xt968Ikd04VCEvbFnG","tlshash":"2ab40229aadc950715f3e1c83bbf3921e38f6150dd4b3b0d10ceb4b9e5609f12e6a196","first_seen":"2023-12-13T15:35:19Z","last_seen":"2025-12-07T18:23:09.277909Z","times_seen":50,"resource_available":false,"data":null}},"time_used":494,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":462,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/index.php/ajax/hits?mid=1\u0026id=3499\u0026type=update","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:37.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /index.php/ajax/hits?mid=1\u0026id=3499\u0026type=update HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nCookie: recente=%5B%7B%22vod_name%22%3A%22%EB%8B%A4%20%EC%9D%B4%EB%A3%A8%EC%96%B4%EC%A7%88%EC%A7%80%EB%8B%88%22%2C%22vod_url%22%3A%22https%3A%2F%2Fwww.cytv143.com%2Findex.php%2Fvod%2Fplay%2Fid%2F3499%2Fsid%2F1%2Fnid%2F8.html%22%2C%22vod_part%22%3A%22%EC%A0%9C08%ED%99%94%22%7D%5D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h1Yy6Z7LNUijNCgSNVv%2BjaBUtMNhvu74%2FiTfbuowy5%2BsQgd7domtMR3mGRfEMjsb0e9B5IJciD0Be8JKDcVebiisMSuNmleW%2BglG%2BDtqHw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60cad7a921525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":88,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"ec6523acab67a4f19e6e1e40eb0e0d8c","sha1":"4a0123ada6fb0663d77d6cd77cb396bb3bdcdd19","sha256":"b1f11efb9eaaa4d52aa1a9c96ca8a433b6e1714817fba8b00c0fb075d821c63e","sha512":"975f53e8e77882de14457b87a14bf119484bf18f2c6d4e17e758391d9cc8088187d575652fb04d1889f5befc0b347b411c48d631016753d3842235293fbc2bed","ssdeep":"","tlshash":"e0b0025534ed01524d055254514d5742525db0445c5353014da9d756c15c8da34664fa","first_seen":"2025-12-07T18:23:09.27907Z","last_seen":"2025-12-07T18:23:09.27907Z","times_seen":1,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","date":"2025-12-07T18:22:38.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/swarmcloud-hls@latest/dist/p2p-engine.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xiaoca.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 65366\r\ncf-ray: 9aa60cb0eb3bb517-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 2.17.2\r\nx-jsd-version-type: version\r\netag: W/\"33a5b-1Uc9OatD8vh21IUoKGMh7KPdQpQ\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220095-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 40386\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=OC1kGaGAnlWF4So57YFu58WfGtV78deygLettEz2RmawU%2B7NzK8UwiXGjMjq6FDLTQwICOS%2BwzHpWnNfWqjyw9mvdt37zWaT9nDKkdr3%2Bi9n9XNp5bovMv8sJQLMQ4ywyTs%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":211547,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"0bf2dc91f6afaebdc7da1d3dbf0a3b90","sha1":"d5473d39ab43f2f876d48528286321eca3dd4294","sha256":"757cecebb09e0a051443191ee13b270da6f608bb7951d1eceb52fd2f38b35075","sha512":"32f924fa80050bec22f35c94a4e0c89d441087ebf2f129a9a3056ff31188506a6ca0fea2a0052ea5559d52ed1d1982a6fe7a72ef05176f3d2668df63bbed14bd","ssdeep":"3072:8+NjQ3d0jtR/Q7NG5TxqVUz9yah/qrpH2k31q99NEIi2Q:JjByKESwS/aHv31q98Ii2Q","tlshash":"08242bd6739a902383d599e694740303a335694e3808c06cb67cbddfad2ee89b176f74","first_seen":"2025-12-03T19:10:09.240792Z","last_seen":"2025-12-17T11:14:47.363098Z","times_seen":27,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js2/history.js?v=2","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /static/js2/history.js?v=2 HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 03 Nov 2025 04:44:34 GMT\r\nvary: Accept-Encoding\r\netag: \"69083332-838\"\r\nexpires: Mon, 08 Dec 2025 05:15:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 4049\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3kHkxkAsJj4jp%2FmXuLodshgE4PRCO8YusQexPKwlP3rhJnG0gYG8Uc6Yd2XG%2F8%2BszWKU4flwH2kWQbAhO7FIHKJuBbXSCEADIDwkZ8JY4A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60ca899d81525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2104,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"aa7f740c32e902b0b0de0f08f44da207","sha1":"f6eb044a0bce9872c4533c437c57c4f247f0e33e","sha256":"5d30530788ea4837778a89f02df2dd24e11145ec1a370ca05cc75bc159c799e7","sha512":"3904ddd5af18b05428e997cd5edcdf77eec9355d9677f2c30221a6663e72bd891291bf8b397f1901a3d587470c96d5008079170d94f3daee8331ece385a43322","ssdeep":"","tlshash":"d341684940b79992b45fd1f94ff73f80a8a0a853289cc9803e8db7105f99336b6f52e5","first_seen":"2025-11-10T12:17:23.613427Z","last_seen":"2025-12-07T18:23:09.280989Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/ad/js/react.min.js","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cytv143.com/ad/index.html?v4","date":"2025-12-07T18:22:37.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /ad/js/react.min.js HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/ad/index.html?v4\r\nCookie: recente=%5B%7B%22vod_name%22%3A%22%EB%8B%A4%20%EC%9D%B4%EB%A3%A8%EC%96%B4%EC%A7%88%EC%A7%80%EB%8B%88%22%2C%22vod_url%22%3A%22https%3A%2F%2Fwww.cytv143.com%2Findex.php%2Fvod%2Fplay%2Fid%2F3499%2Fsid%2F1%2Fnid%2F8.html%22%2C%22vod_part%22%3A%22%EC%A0%9C08%ED%99%94%22%7D%5D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 17 Apr 2018 09:05:21 GMT\r\nvary: Accept-Encoding\r\netag: \"5ad5b8d1-52d3\"\r\nexpires: Mon, 08 Dec 2025 05:15:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 4049\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oMS5NXC73IVMqHbI9OTsAcSU0sFfxdtKAr1cAYst2RQokX%2Fj8F1b0ApTBk6PX%2BZXBEmhChN%2B5DrBN2lgVKooyYHoAU8iK7LV%2FPIPotNfuw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60cae8ad71525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21203,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20875)","md5":"fe3e04b0a969e3722ae34c9a06ef8f32","sha1":"b71145e063c22556d375e065e02ea2ac66fd606a","sha256":"46d9df8b53156408f7bfe7837858e1fe2017a3cfff0f4cd52aa97c7e354b0a23","sha512":"503c68a77f430a70fe529f024345d3089a40783cc7176ed2ddbd46edb91382a2f54adf3bc334feaa9580215b70851910f0cd3d76ad0da2642e6d5bdd2d6adeb9","ssdeep":"384:7Bsb5gIzypiHiVPe2YoOoasCHCjY6eZO7G5M/94VCJD+bvNGHBFm:7Q59zI02siBeZEaiamD4Ao","tlshash":"9f92b6a871b1b0a617e320f4813f850be279675d701dd4a4f6a1e5e079b88ee8133f78","first_seen":"2023-07-24T08:24:49Z","last_seen":"2026-03-26T02:29:51.419549Z","times_seen":61,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/38861cba61c66739c1452c3a71e39852.ttf","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","date":"2025-12-07T18:22:39.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xiaoca.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Dec 2025 04:48:12 GMT","end":"Sun, 01 Mar 2026 04:48:11 GMT"},"fingerprint":{"sha1":"B5:D4:73:96:3E:EE:AA:5F:FB:F5:97:10:50:DE:28:6E:BA:E7:56:2C","sha256":"B1:28:E3:3E:E5:C6:52:43:15:79:61:92:E0:C5:02:DC:61:6A:4B:C8:05:A3:4D:B8:73:19:50:AF:DB:11:63:2E"}}},"request":{"raw":"GET /mediaframe/38861cba61c66739c1452c3a71e39852.ttf HTTP/1.1\r\nHost: xiaoca.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 07 Dec 2025 18:22:39 GMT\r\ncontent-type: text/html\r\ncontent-length: 479\r\netag: \"5e7b4706-1df\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":479,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"57dd7bfa6c07bfe5eeada45d4bdd78ec","sha1":"395c6ad5c3ae0e8ea47281f5007c369551b32ad7","sha256":"c870990950ca5802e260be6786d1e6a148b1acdfeed4fa9bb6acce744488c0b5","sha512":"c455d00381bde372d6016e7b01eb8682dcbc2fbb032ef522f01f0ea1cd85abeb962aeb8de621b49b138b614b14285686a2c432b4214630f23fda2ed19bf4b9d6","ssdeep":"","tlshash":"27f0dc93d243040e220c45702fb2702450877ddbcb9a0d028897e1bfccd5a698363bad","first_seen":"2023-04-28T05:56:14Z","last_seen":"2026-04-06T04:58:13.55637Z","times_seen":2963,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/ad/css/style.css?v3","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.cytv143.com/ad/index.html?v4","date":"2025-12-07T18:22:37.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /ad/css/style.css?v3 HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/ad/index.html?v4\r\nCookie: recente=%5B%7B%22vod_name%22%3A%22%EB%8B%A4%20%EC%9D%B4%EB%A3%A8%EC%96%B4%EC%A7%88%EC%A7%80%EB%8B%88%22%2C%22vod_url%22%3A%22https%3A%2F%2Fwww.cytv143.com%2Findex.php%2Fvod%2Fplay%2Fid%2F3499%2Fsid%2F1%2Fnid%2F8.html%22%2C%22vod_part%22%3A%22%EC%A0%9C08%ED%99%94%22%7D%5D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 12 Sep 2025 02:22:40 GMT\r\nvary: Accept-Encoding\r\netag: \"68c383f0-2d82\"\r\nexpires: Sun, 07 Dec 2025 20:29:16 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 35601\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ryVy43lXNPS4wx7JSaomHYaiB2msqHsvGKZPBC8tnIQttmfwcHXZV6l1KPEZBSFCf1tNBO2l0ST3ZCwLD32qI%2FmrsbwB6hZfmdrldL6JsA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60cae8ad61525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11650,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"645a54f5f3bf3d2d8ed5d7f58da56329","sha1":"f46ecd75890507ab0cd584964ff4f043b5d4b435","sha256":"349bd2ba50326cf627e65bab206298038a69e40f5385a19007bf0953306566c9","sha512":"ddbd2f8cf56a51716ea1bc55cc78e718eab312bbac0864097e260c74914b7faefb6a7324903cf7d554224cc4396b8abe6765340abaf076da480ec908dd98b14b","ssdeep":"192:UaMuDVNMuDVuLHUVOLHUV265GFVP65GFV6xp2VYxp2VKwy/VJwy/VGnDQVqnDQVb:x","tlshash":"16323f6b39a10180a7738a2487df5f38259895935c09fcda738e541d8f85fbc96c8b3b","first_seen":"2025-11-08T21:05:04.456291Z","last_seen":"2026-01-03T19:57:31.710426Z","times_seen":5,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/aa/21/YC0mHxqN_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /aa/21/YC0mHxqN_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 753592\r\nvary: x-s-token\r\nlast-modified: Thu, 09 Oct 2025 00:06:28 GMT\r\netag: W/\"b7fb8-640b84cfbe280\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":753592,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"e62c162a3aef1f1851ad83d5bff3a7d5","sha1":"fa30332b6e3e45046c1d3e3aaee6ac9d8443455d","sha256":"85d6af4800858d5d9380b959ba16772355c67acbf2ad0aba52660adde6d49f05","sha512":"fe00a44a4a754107568ed03afdea37b1425c1e1a7949af7366a688580fbc3c28c8683c21ec1649fe519c9708fba3fb2d97504bdf72266e137b7dd52f3253fd93","ssdeep":"12288:7E6GzfNBXMVULrk0LL5P27yXZ0PBMgRsfmwpiOuTI5a3kB68WgIAczcMkpj:DGzFBcV0VJzpCPKOwTLOkBJWgIY","tlshash":"02f4236edd1ccca5691b14e24f898f860fb5159c1861373eb868bb5a30e2eff2cd4154","first_seen":"2025-11-10T12:17:23.657707Z","last_seen":"2025-12-07T18:23:09.284792Z","times_seen":3,"resource_available":false,"data":null}},"time_used":723,"timings":{"blocked":402,"dns":0,"connect":0,"send":0,"wait":29,"receive":292,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/clappr-chromecast-plugin.min.js?v=10","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","date":"2025-12-07T18:22:38.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xiaoca.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Dec 2025 04:48:12 GMT","end":"Sun, 01 Mar 2026 04:48:11 GMT"},"fingerprint":{"sha1":"B5:D4:73:96:3E:EE:AA:5F:FB:F5:97:10:50:DE:28:6E:BA:E7:56:2C","sha256":"B1:28:E3:3E:E5:C6:52:43:15:79:61:92:E0:C5:02:DC:61:6A:4B:C8:05:A3:4D:B8:73:19:50:AF:DB:11:63:2E"}}},"request":{"raw":"GET /mediaframe/clappr-chromecast-plugin.min.js?v=10 HTTP/1.1\r\nHost: xiaoca.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Apr 2024 03:39:31 GMT\r\nvary: Accept-Encoding\r\netag: W/\"661f4473-6396\"\r\nexpires: Mon, 08 Dec 2025 06:22:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-security-policy: frame-ancestors *;\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25494,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (25437)","md5":"01601edb007eef5ba4b1386675c39eb2","sha1":"bb7706b676af6837b4fe6c702e538ad1ed700945","sha256":"66c50380ea255c087cbbb78351e5580f3252655314e10487e9e175e08a0cb748","sha512":"7cb2f01347a1fc8e3cc8687fc926566acc60908ac36dbafb905b85608653096ddc0d5b4540d43f8b4af6978903a8a7a61e9cf632c240a0294da580b3416a7d6e","ssdeep":"384:/E2XN8iOGY9mVm4Vg5gUxvRHxwjY0OaSJM2o1AUmgaVlSEiuOV16U9kgLxL:BVVmAe5xvRRUY0Oaci1xmzVlSMs9kgtL","tlshash":"5cb2979cb1d1b135969390b8543f110ab23a75aa3089c1dcf73dd8e1aeb061d647bfb8","first_seen":"2024-08-19T22:32:33.812387Z","last_seen":"2026-01-03T19:57:31.731645Z","times_seen":6,"resource_available":true,"data":null}},"time_used":480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":480,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.5.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","date":"2025-12-07T18:22:38.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.5.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xiaoca.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d84\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\nage: 3556874\r\nx-served-by: cache-lga21981-LGA, cache-hel1410027-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 64, 430215\r\nx-timer: S1765131758.238798,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30879\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89476,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-04-06T05:08:49.180808Z","times_seen":218305,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/a5/8c/NcmDVYv1_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /a5/8c/NcmDVYv1_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.22.1\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 302194\r\nvary: x-s-token\r\nlast-modified: Tue, 18 Nov 2025 19:01:34 GMT\r\netag: W/\"49c72-643ecd7323a80\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":302194,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"b54ca55dcc18fa6914eb659eba7ebf7d","sha1":"df3aec1b7872662e4b537ab3ca511edcd4e143e7","sha256":"3efb23f679e648f7f5672a3b588b472220634caefb06e111aaf605b273965917","sha512":"c4f3772654ea154332c18face283392da8d1bf1cf60e4bc2c894e9bc698801d0e25649ac7da84fc4429dc1cc69a9afa9d6ee560898f3e89b85b4fa6b90d395f1","ssdeep":"6144:5Pv28IUYNOUv9UyRr+UUOoWUm3NhgPSPkyERanCYJsz:BJIOK9JRCHOj8PbyEcCYq","tlshash":"f754236284aa591919f3a9fb0176f20b7c0134752f06e4f2833af466771027e58ef2f8","first_seen":"2025-11-25T14:46:11.756756Z","last_seen":"2025-12-07T18:23:09.287919Z","times_seen":2,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":274,"dns":0,"connect":0,"send":0,"wait":31,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js2/jquery.autocomplete.js?v=2","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /static/js2/jquery.autocomplete.js?v=2 HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 14:13:35 GMT\r\nvary: Accept-Encoding\r\netag: \"68d54e0f-6287\"\r\nexpires: Sun, 07 Dec 2025 22:29:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 28387\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8t%2BZyr5NpDBPRK9hNkg4eO95kHy%2BDKWQDPq4Npolkx%2Bbpet2EYCVHF53raLLz6fV08BS8WMLKXVt5BV0Xz3EuV03yZejqjSFdVShonONoA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60ca899d91525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25223,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"62caa296be14be906a7c5415be57d153","sha1":"c20b9871aaae06315611742f7ca6e5616af8bf73","sha256":"01871a2045b0e5aa95224037d2722be8c264fde02838ec93059f58058ff75b4a","sha512":"f442ecbfbbc620a32b2e9eb1980f467f133978e85913da7898730c36f18689b61cec3b54b592a6efa168de1f4ccc26f16850cbeb0f99aafe5e4f43925c4eaa0e","ssdeep":"384:EC8MCaAlHqBlgr2q7rLXej2Jy7fwaoSXo0TviE:Em7qr7OtZTqE","tlshash":"a3b2fc0979e3226252a7707e8faf0008b676a157240cdd50bd1ca7d02f54938b6f7fd9","first_seen":"2023-05-03T23:02:56Z","last_seen":"2026-04-06T00:05:11.789328Z","times_seen":785,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js/playerconfig.js?t=3202512081765131756","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /static/js/playerconfig.js?t=3202512081765131756 HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 05 Dec 2025 05:49:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69327254-59e\"\r\nexpires: Mon, 08 Dec 2025 06:22:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8oHwCs3%2FeMhW8nSae2dDLphCZFJyZHSiuejMc3k17kv%2F7WKIX6vyp2qQTPwNhY7oCvXKZtc%2FOE%2BCybvylLYX4Xbp3JAEWztnXW4IijBv7w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60ca8b9e41525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1438,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (962), with CRLF, LF line terminators","md5":"5df13a70a084a89b3b745b1803f6c45d","sha1":"a125d81bf7627ade5a53bd47e54893369927ef19","sha256":"613e79a29cfb54d2f6db87ce723738462cfceb0867271d3d811ea91cba4d50ea","sha512":"71b54284b727e68cf30eca8e245de8802a4bd5a9e0b33be2f4941f0b8defb7ebfa96515a821969b7de881843c0f6925d480ca98151eddf9d0297e6d7d27d6fcd","ssdeep":"","tlshash":"5b211407074e0933c3f7d0b58ed427198cdf9fb591a4ebd959786c7937ad079a505001","first_seen":"2025-11-10T12:17:23.687403Z","last_seen":"2025-12-07T18:23:09.289968Z","times_seen":2,"resource_available":true,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/ad/index.html?v4","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:37.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /ad/index.html?v4 HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: text/html\r\npriority: u=4,i=?0\r\nlast-modified: Fri, 12 Sep 2025 02:24:02 GMT\r\ncontent-encoding: br\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yk0mJKq7Ro3AN9IOkhGL8jnXvXsJUkqMECDJNAR9FAMr46w2GGAO6QSFB7UagLzSQvWnnsWTYlHO02HRZdY67VhiswVhKSPJ1Zx%2F3FiMmA%3D%3D\"}]}\r\ncf-ray: 9aa60cacba6e1525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":789,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"1a7501557e9e2cf776cb57fbe77254d9","sha1":"19a4f8982998894b379040b91108f1606279c6c5","sha256":"ecfc2f18298e6c7821f5d44cf3d06a5b210ca69c3adb5a0423c84c06c5104406","sha512":"b67f38bf964ff97eb6d433df98324e37b4b4058de7ef0bfe87c6e8d0639a8e687ddf63feceaace0a6acd384a16d9d7ef166e82247c9365da24061226d8186582","ssdeep":"","tlshash":"f501f535a8e040664082d1c17eb9a61fea95ef4b9a5b4a40b2f1da901fd2ec5cc630e8","first_seen":"2025-11-10T12:17:23.644248Z","last_seen":"2025-12-07T18:23:09.290947Z","times_seen":2,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/template/default_pc/statics/css/stui_block.css","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /template/default_pc/statics/css/stui_block.css HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 27 Sep 2022 12:53:47 GMT\r\nvary: Accept-Encoding\r\netag: \"6332f25b-8032\"\r\nexpires: Sun, 07 Dec 2025 22:29:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 28387\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QSkpacD4SgEAhpC4t%2FewyM0CXTCNcChH9vZP7QyKGKWnQgJ0UHuFRtJF5rMEtH%2B9QI0IeEUhAkeTkuCx99QuZ9Dg%2FjZEF3V%2BgqpzEWzgkQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60ca889d21525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32818,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (1560)","md5":"f43924ff9242d4fe342af0ab4a0f5cbb","sha1":"eae6f507e5661d7002abbbd2b412e94cb0ca5254","sha256":"63c7b30b624d8b3427fb484cf50d4c122943ee8496a64704ddadb404d712ef76","sha512":"00119316b5b1c8f39c2c771b79816cb45a6bb52c515bb2c4dae176882bb19dc83328b01c28b54805ec8700b10b9c3efb0f244a62e559679c4d33df82b2836c7d","ssdeep":"384:UrarSSbA6S4ldfdOit4kgUKCrdzZTRiUx6AOGnBwLzb+qoPeVqoPyejI8NIQ3I1m:wKSEljdc0gUXxx6AVnBBtSTw2UG","tlshash":"fee25594ea203d04f06e5f96bad1ab8f6211906b73325cffb9706c58864f5aa00f17c9","first_seen":"2024-12-26T20:00:54.043713Z","last_seen":"2025-12-07T18:23:09.291936Z","times_seen":5,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/cc/2a/ulxTdo64_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /cc/2a/ulxTdo64_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.18.0\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 23459\r\nvary: x-s-token\r\nlast-modified: Fri, 15 Aug 2025 05:20:51 GMT\r\netag: \"5ba3-63c608da212c0\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23459,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"99e4b8651c61631b8cbd052bef687712","sha1":"a1e316c155fe9568b4a129fc82f943f87ce48925","sha256":"4ebb666c7a0c4e41d972f54e6a98aaaa50ea408fdff2dbc2e21e81670a7baa8f","sha512":"edd735b0cfe4c2f83f389ad0659d822206029372c04a2733a717f706c1be59cfa9413592df1947d6b18f3ee555327069dbd45743e75a9b937b16daaddc260dad","ssdeep":"384:9SXPMuOZKOLC0cNv2VIuQfEQSMO4b+ViCPzaZE7PVWoRhnt9xuVoBK1AnDEZcVKT:9SXEuOJSGQf9Sr4CPzaZEwOt2VoBK8Do","tlshash":"67b2e1d8d236f160ef4b3448c234e793f28b69068db49c5c1e8db346e8331cd25a768a","first_seen":"2025-11-10T12:17:23.621274Z","last_seen":"2025-12-07T18:23:09.293394Z","times_seen":3,"resource_available":false,"data":null}},"time_used":396,"timings":{"blocked":362,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/46/47/jfLciZeD_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /46/47/jfLciZeD_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.14.2\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 211505\r\nvary: x-s-token\r\nlast-modified: Tue, 14 Oct 2025 11:23:27 GMT\r\netag: W/\"33a31-6412648404c40\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":211505,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"aed32ceff7f5c071fb4a67bf86bdbd27","sha1":"6add10c88a66b1a1d0298d2f6814740f282c16db","sha256":"2fcce47674ceb77fa07b7aaedd4120f74c9dadbb10668e84d63ee184a66e8a80","sha512":"8c7b327bbbfefc589332fdb9c8197abba63064098767a603e1bcd31c83a62e138b4c9f795c4f76b34d347eb6e2cbf20104040f4bb3e1fe96e78e7cde1f77b780","ssdeep":"6144:OQ1Qt+tODkQOKAkespNpTU9ej/ne07Xpjmp5:OQo+sFEnsL7Dt9mp5","tlshash":"87242361d50508810b7f68bf7a98d237afbc44fa59e2e7130aa81750e96cc7530c7a7b","first_seen":"2025-11-10T12:17:23.619419Z","last_seen":"2025-12-07T18:23:09.294469Z","times_seen":3,"resource_available":false,"data":null}},"time_used":462,"timings":{"blocked":122,"dns":5,"connect":29,"send":0,"wait":50,"receive":97,"ssl":148},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/39/ae/49Lu2SUP_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /39/ae/49Lu2SUP_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.22.1\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 233198\r\nvary: x-s-token\r\nlast-modified: Fri, 15 Aug 2025 05:20:46 GMT\r\netag: \"38eee-63c608d55c780\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":233198,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"848c69bf85b3eb1a34fd0beeabccd3eb","sha1":"430ad253b916a91e5c3dacae8693f1c72b45ab32","sha256":"b557d7814133841029988c054731877270360ddb29c2300340aa1c610e0d9ec1","sha512":"6a19f54c4a3745b70174e29a3e23d21a18200a452259ab8ed56402044670ff66e7e9cf52270678bbf22393eb2261744b5e5eee486c372afeec975909d97d3a9a","ssdeep":"3072:MfXPtHf2nHCHKaOIhsxaY+dCb8WHKaB4ZGZbQEgalLSHertR+HdFTu1uzOMxEfUs:MqCHZk8WHK9G9NSHeWTROMxEMq6Tg","tlshash":"233422b8fb3f233129477a040715095df6a73649d9234ab404abddecf1e80ee95ac8b4","first_seen":"2025-11-10T12:17:23.678605Z","last_seen":"2025-12-07T18:23:09.29548Z","times_seen":3,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":247,"dns":0,"connect":0,"send":0,"wait":31,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/00/45/VKwPGSXy_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /00/45/VKwPGSXy_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.22.1\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 250899\r\nvary: x-s-token\r\nlast-modified: Mon, 10 Nov 2025 20:00:15 GMT\r\netag: W/\"3d413-6434cbb681540\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":250899,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"e555a1153b5a2f535e9df7dba0207cf3","sha1":"aebc5ce74f7b7d6c4ef2c33a0163ce3b4c77fb35","sha256":"3d91e96b42310c12b3b9e308d35951e36d9b37830f616b526311941a41ee492a","sha512":"410fc561bec509709fd35c7f069442b5a403e0c60519093fbbad8b519331bafe920c252d20cf285f35a05fea971ed3ca85db672994ce3c52ad2fc1ff334e5835","ssdeep":"6144:xium/uZ6evg5vnHxcD1ruTDgunZwaIcpN/CX86OWo3iW/w:xi6Z6evg5vnRg1raDgunSxcTaX86OjF4","tlshash":"553423dac3ff5fe8a39a1812003b7a2d453796ad1ac115905c2753dec8a72b90af0c77","first_seen":"2025-11-25T14:46:11.726332Z","last_seen":"2025-12-07T18:23:09.296759Z","times_seen":2,"resource_available":false,"data":null}},"time_used":496,"timings":{"blocked":429,"dns":0,"connect":0,"send":0,"wait":26,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js/player.js?t=a520251208","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /static/js/player.js?t=a520251208 HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 15 May 2022 14:18:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62810bca-2847\"\r\nexpires: Mon, 08 Dec 2025 05:15:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 4049\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FM1Kifv7qN2jnMr7Ofs0cas6iauQONEJIeKhEL0CJXFCO6TycE2IhXWpTH3mvS16ItQFRDCHjd0DZBFWJrp2a20133ntbc7pyH2nk59rXQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60ca8c9e81525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10311,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (7521), with CRLF line terminators","md5":"80b15ba362c83a5ba2bd23043217f209","sha1":"1aae0b3051ae26847ed452b8d05fcaf0104374e4","sha256":"c3263e523ecbc44c7ca091551c4860c75cad83307b3afa01a3998251d161835d","sha512":"b4f41b1e8845a625e937f16bb222d7418a4f7f46b09ede5caf02f26f3ee9bfbcd56bc8abde4a82ee2645aa853e2e80759fba77c93eb4d454735b7e176da26f86","ssdeep":"192:IIsrTugViEEzhnNTWf9iEfSLXhSLxtBBl+veIODMCYoJuDpcGnj:IQgViEeNTWfoslCEYocDpcGnj","tlshash":"d5223b133b25a9d043fa4b6b1bdfbdcbe5a883431e3810d7c7307e985974a41a266e34","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-05T19:59:04.414893Z","times_seen":730,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-07T18:22:36.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /index.php/vod/play/id/3499/sid/1/nid/8.html HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TIN6HayR3XH2YlE2zIBvu571inK9nMzaB15v%2FWIuwf%2FHNLyEiCF0mTaugWOCh6WV0WFUi31m5nrBUya1h5y7btIcnfI2ezQM37rXMT6%2B7Q%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9aa60ca36dec783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24330,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (956), with CRLF, LF line terminators","md5":"fa3c4c87d2ae4e6a4edb3088401bf0c3","sha1":"1d2b0efb40522f8bc9f2a1417c548bb4def6aadf","sha256":"71af484edf3e5b0863cb02ebd995c4bb4a3517d49a664fbadeac7303a9368099","sha512":"b3164299031f82b27616112ab8173f62e8dfb3faba022f0e08c9e0309fda2187e7ca60d313ab5eef5b4344d4c3cdbcbbcbca7ba63a3414c4ad00bde453387144","ssdeep":"384:/PgZ05wuU1cO57ZsU0LI4HyAXtXxozk2GKXwtOwH4wAQQJ2wY4McVJEObavXlpgk:ngZ05wjcO57ZsvCIzYwAQQIwY4Mc8lk+","tlshash":"52b2d75287cdaf37013204c3c8687798f09baab6db4b4d81b1bd163b9bc5ea05e125dd","first_seen":"2025-12-07T18:23:09.298453Z","last_seen":"2025-12-07T18:23:09.298453Z","times_seen":1,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":23,"dns":0,"connect":1,"send":0,"wait":561,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js2/stui_block.js?v=4","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /static/js2/stui_block.js?v=4 HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 14:13:36 GMT\r\nvary: Accept-Encoding\r\netag: \"68d54e10-277f\"\r\nexpires: Sun, 07 Dec 2025 22:29:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 28387\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hgihJR1zQbVpuDD3Agkgf9p1lrFnrfzbste943xQC5%2FL90WKSFz9o2mKHD6ctLHNvf9Gq9jeitgFFZq%2F9NYrhdlUMJP4dp4TuGiwlvh9ww%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60ca899d61525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10111,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (565)","md5":"46c7a45b15971492cc200525d1b60a56","sha1":"7e9e43e2a2104d07baae9fe45bfba5928d86c27b","sha256":"c14fade8aa183f146adbc0fe08457057cacb61dc62a7f56e3af1bc3120c2dde7","sha512":"9d91a755d7cf36a2fbc6a4ff9f777bdf01c6245fa6be3a11168db0c1b28eccca30c8ec28d589dbe3ffc2cfb832b38c832eb8c881a409730b5f34632716f05c06","ssdeep":"192:xk0hbH8Hkay1Y/nCtwl7ACa8sk5uQTsImrMMuKW8:xk0hbH8Hka5/nCtM7ACJskZvqW8","tlshash":"77229384fb9c6537807734ad942e11c4e46dac32bc404ca7fd6ca5642bd0e2a619ec34","first_seen":"2025-11-10T12:17:23.655233Z","last_seen":"2025-12-07T18:23:09.299589Z","times_seen":3,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/img/ico23.png","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /img/ico23.png HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 26 Oct 2024 08:29:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"671ca854-110e\"\r\nexpires: Mon, 22 Dec 2025 13:04:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 1315099\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G0AQIi29pKTZ8Hip3t8%2F17u6j4BUNIQbNjEjZZqUVgy6rYdphzzbuS8qqgXh2TaQUhzXMjxEgatqhv7JYbDTCN78HqImWeSk03DOKF%2Bfrg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60ca899de1525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4366,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"19cfcbdbfc1b21340e7ee413d782a8f3","sha1":"f53c890833be9db9688d06747f7bb96f11dec66e","sha256":"eaffdff1f17e292c4d876162d2a7132ed4634e47659080101183702628e6a09e","sha512":"98e682a5acbc5c9b51bf905e072dfb9b89ab551e15b923efc8d1dcd7209435cb6d30e5e0eed3e5d1f9ba527639c0ef9d6aa22337145593c5f964f8670121eef4","ssdeep":"96:urRhqaOUNcqSS+47VQVaf4cM2KyHbrKCRwsmcN2yUU9YFpz:qzNcteq9yHkCN2yU9Fpz","tlshash":"d1917e7572a6260cea0062e7e6248383da015590435de4e3b13cb559493fa81e9e95e3","first_seen":"2024-12-26T20:00:53.950573Z","last_seen":"2026-01-03T19:57:31.678698Z","times_seen":42,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/0a/a8/gJbwJZGV_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /0a/a8/gJbwJZGV_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.14.2\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 255636\r\nvary: x-s-token\r\nlast-modified: Sat, 22 Mar 2025 02:53:05 GMT\r\netag: \"3e694-630e57858e640\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":255636,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"380c41c73c0f111c151883d3bc859298","sha1":"2593f91981b0ecb7296fb9927e8b5528f513b27f","sha256":"d9e97c1bddff03816802c985e8fd346818cf0aa31befa0ee68aad913a672c749","sha512":"959552c925ed29a0ed9ef963403c816c3a4186f8938cd618a5eaaae43ff552c85030a39040fa8fb5495d1ab043eb7d1f2fcaa3a58364a643317e1c56c199b58a","ssdeep":"6144:/cVf2JNAYFKVNAYMNAY3NAYUMNAYcOjNAYf3xNAYqNAYgQC0iP9:0Vf2tcKTRpXf3Vggl0g","tlshash":"2044024484d46e069a3b6d0fd658ef40868e9a954d930b033c825b6b0bfc4f4d9aeddf","first_seen":"2025-06-06T16:44:38.147775Z","last_seen":"2025-12-07T18:23:09.301527Z","times_seen":6,"resource_available":false,"data":null}},"time_used":465,"timings":{"blocked":372,"dns":0,"connect":0,"send":0,"wait":31,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/clappr-forward.js?v=10","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","date":"2025-12-07T18:22:38.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xiaoca.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Dec 2025 04:48:12 GMT","end":"Sun, 01 Mar 2026 04:48:11 GMT"},"fingerprint":{"sha1":"B5:D4:73:96:3E:EE:AA:5F:FB:F5:97:10:50:DE:28:6E:BA:E7:56:2C","sha256":"B1:28:E3:3E:E5:C6:52:43:15:79:61:92:E0:C5:02:DC:61:6A:4B:C8:05:A3:4D:B8:73:19:50:AF:DB:11:63:2E"}}},"request":{"raw":"GET /mediaframe/clappr-forward.js?v=10 HTTP/1.1\r\nHost: xiaoca.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Apr 2024 03:39:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"661f4476-f4b\"\r\nexpires: Mon, 08 Dec 2025 06:22:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-security-policy: frame-ancestors *;\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3915,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (812)","md5":"129b2627fe56f8135416e451489210ff","sha1":"909602fe24fb95bbb4be7c849699ef7ece261a45","sha256":"2f5e918fcca2a4d1b3c2f6d2d936bf74c9745554da248e6db12a5ce0cd24d3f4","sha512":"0c518f0eb4abc43a8bbc0dee2c2eb7d70d8945a25ffd8d93be443c491bf16ca06d0e73a9e4d86c74bfb1781b3f1ea99318129dd3ca94d8ed6d94515f5b507342","ssdeep":"","tlshash":"c58184683bfe0129eb8f812c1e197d063162989b640eca3d7d3d16d49f5003625f9ef0","first_seen":"2024-08-19T22:32:33.823919Z","last_seen":"2026-01-03T19:57:31.728466Z","times_seen":6,"resource_available":true,"data":null}},"time_used":469,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":469,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/template/default_pc/statics/css/stui_default.css?v=5","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /template/default_pc/statics/css/stui_default.css?v=5 HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 25 Jul 2024 07:18:16 GMT\r\nvary: Accept-Encoding\r\netag: \"66a1fc38-221c\"\r\nexpires: Sun, 07 Dec 2025 22:29:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 28387\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2wENfrRefj0UwqxXouJ8KaKr3OWU%2BtndjfY5V2lgb1UakXjxrTv%2B0X6ZtDbDQUoHogGbdGxS%2BYMtPqvvmBlSvS88%2BMIYhcSvmQRee6fx8g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60ca889d41525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8732,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e8a7b2aee44bb31bf85431ddeb4fe9b5","sha1":"f6792a2b7c3a6b4f44055942da5fe75b8127cac0","sha256":"0ed367a5bdd86210997b04d8f7c2d13cdece3e9793d190419eadb49401a618bf","sha512":"1ecd53a562879ebee478a26b32ca8b5d9fb247e4c7b5ff0b751c3bf4d0a96ed329c0aeff1f4da6ecde76641df8a45fb67d92c74c6187a486564c051026419072","ssdeep":"96:draJbtDAIxI28rqxNrb4mMM29/ugFRwOukVbw3lA3rulXkniG7Zi:kJb5NWBrqxNgmMAgFRwOukV0mbQkh7M","tlshash":"2702315492013408b13f8f96fdd39e4a32257027f70286fae931a82ddac9a84ccf6748","first_seen":"2025-06-06T16:44:38.142561Z","last_seen":"2025-12-07T18:23:09.303595Z","times_seen":4,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js2/stui_default.js?v=3","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /static/js2/stui_default.js?v=3 HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 14:13:39 GMT\r\nvary: Accept-Encoding\r\netag: \"68d54e13-1fbc1\"\r\nexpires: Sun, 07 Dec 2025 22:29:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 28387\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=am9h5ocvC8uXocHsTKCCKGk5b9VZYj5neSJ9yDApw8%2FLmu0iU2ul1QVOPfVwgc7hL3Jxch0%2BbBj%2B5nRdBMl4VgAqhB9LZ28uAUDPuxhOmA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60ca899d51525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":129985,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8745)","md5":"2ecd42702560a7e6f3a211605ad4a59d","sha1":"a923c8e0a456fb982ce0049d8e3b09044db9cf96","sha256":"ae5a58d1e58f8f51c583651fc03a4e7a264f966cbaa297a6089a0f03bfdb3475","sha512":"2620777ceb73bf2ae8cfc97e78260180d2c1daf9ef45f47627c4e9e0d6091e71c5512a6b70898c4cda2f82d4ccece2b56cfe3262a2902268524f1396c4a40f7c","ssdeep":"3072:9zOgt027SoFThP2V/93IYbYIVKZTegpRE3YKd:BhtRS52IVATegpRE3t","tlshash":"42c3e949b3513532429fb1e6512f420fb276646e680580bcb9b8dce66dbcc89707bf78","first_seen":"2023-05-07T20:04:47Z","last_seen":"2026-04-06T00:05:11.794678Z","times_seen":827,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/bf/49/JA9piwyg_o.gif","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV SSL CA 2","organization":"GoGetSSL"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:40:C4:66:DF:6A:53:69:91:C0:6E:E4:30:08:6A:AE:7C:D9:E0:F4","sha256":"5B:6C:CE:B6:08:A1:0E:CB:E3:DE:59:62:F8:8A:62:B0:EB:CC:60:FA:D1:4E:D3:0D:56:1D:55:32:E5:36:BA:4C"}}},"request":{"raw":"GET /bf/49/JA9piwyg_o.gif HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.22.1\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\ncontent-length: 181738\r\nvary: x-s-token\r\nlast-modified: Sat, 22 Mar 2025 02:50:19 GMT\r\netag: \"2c5ea-630e56e73f0c0\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":181738,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 400 x 100","md5":"157e6c5a8ecda34d37d2b39efd33ecbb","sha1":"f548ca16cdc120a66b51eb239a10449003b8c332","sha256":"144076d305d92d3f9291b50cb4f8fc96dd0453c6029618fcd2d185e40b7c2a7c","sha512":"c6eee87a7af33bd9f1dd8d261c289ba9003a67397d032a2a57291387596125153b5f86aafad7c1861d75e5e2f86c554ecb2fae21eeb7bc52c1580dd998a6c85c","ssdeep":"3072:gA/9CGoUbegqtvJZ138CpORocvVVDsKmsGE6BX7DvNC0Hpv5h8/Eha5H:LlCVgqr13OucvzsKme6Bfv3HTh4R","tlshash":"2f041366efbf8324ab0a5a3a375507142786a46a580d1977305ff988f10bc3d9cf62cd","first_seen":"2025-06-06T16:44:38.15983Z","last_seen":"2025-12-07T18:23:09.305176Z","times_seen":6,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":121,"dns":1,"connect":28,"send":0,"wait":56,"receive":105,"ssl":156},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/logo.png","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:37.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 24 Dec 2022 08:41:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63a6bb56-435d\"\r\nexpires: Thu, 18 Dec 2025 15:56:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 1650348\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=al9GgvXWd4zHQgj9HLT4q%2Bg45XpjvybxxVJ8pAFRKL9ohWJqZTnqqGmpQRwh8wOmq6KYqvVK33M6xpBxyHg9TQlwHFvIH%2BszA1%2Bnb4rnvw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60cabba451525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17245,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced","md5":"c1e19d338d0850638caaab0a015cf69b","sha1":"9dbb645ad1eb95708b354f2141611c71ff345948","sha256":"a718e8f3cea9558679ab068d9ef2628d3cd9f57e691a3c44e5a301bb262785f8","sha512":"d4e40927967d1079dcaa8a527de9e9d7a12c33f8f9bb6eadcabaf199075455194e18aeb92c0b6f11763a4021ada0575739be7a53339c3c7a5c955689e968a001","ssdeep":"384:tJxKAOf1yimwmJ4eMLoQWltBur6kORPl/HN529Ffdn8z:/H8wkmNar6kMPl/HL2H18z","tlshash":"e172c0ed4f11cb3d9a1d57255490d22c1f5f2a3010133881f9b86869eb653c9e6adf92","first_seen":"2024-12-26T20:00:53.959889Z","last_seen":"2025-12-07T18:23:09.306366Z","times_seen":5,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/player/parse.js","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:37.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /static/player/parse.js HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Sun, 15 May 2022 14:18:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 08 Dec 2025 05:15:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 4049\r\ncf-cache-status: HIT\r\netag: W/\"62810bca-1d9\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t70qbDNS6pOWPMMXCIf%2BdWyTNFsqHQE%2FMR4fCnt2s1KCWFyLfMw0f7518BtrYv2WVQ6TZ6M4qvGcIOb%2FzhIycgvbIaLibGeG6keg16xSiw%3D%3D\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 9aa60cac8a6a1525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":473,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (455)","md5":"5e8babcc8677866285da26bddf14e9bb","sha1":"215e33e5e51e3040a906207b8519fda06333dd67","sha256":"25b03f2512a489776373c43684e0f4a75215481d2751fd8a59776911110f5325","sha512":"91d6c811c85dff88f682ff3586a855d8f4a9567ab3fdfd7b8b535a02359fd2462af6527614bcae09bf7389979d1356c0ffb6ee31b4f0b72173cd1687fab3b9ff","ssdeep":"","tlshash":"63f0a7f5da6a42cc44832b1f73a248d72123d721fa76b313f857397050457651d611bd","first_seen":"2023-03-10T10:15:04Z","last_seen":"2026-04-04T04:36:49.878951Z","times_seen":317,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/template/default_pc/statics/img/load.gif","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:37.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /template/default_pc/statics/img/load.gif HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/template/default_pc/statics/css/stui_block.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:37 GMT\r\ncontent-type: image/gif\r\nlast-modified: Sun, 09 Dec 2018 09:05:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5c0cdac6-5f8\"\r\nexpires: Sat, 03 Jan 2026 16:11:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 267042\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5K%2BCWzIhsq8xbf1Ng2CokeDunOWM4j%2FMQHKWLI%2FjBcgnS24mHmo1n08FaL4HQmI7SHEEqEN7LOkVFdSJh5maQvcxlTKBZUtXvPCnRUWDqg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60cacda721525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1528,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 220 x 325","md5":"ee02e0b55394774ca5d285bef8ecb5d7","sha1":"fb6d0ba95578a4e7bf91cb97687d264a047248f0","sha256":"6fb021044722d5cd4536a1efa6e342276166ace7668dbf0b3f07513ad03f62b7","sha512":"8058991cd1cd084728425afdf460b5187a3c040239b38b132be9692f23afcf5bf6a3859d8cfdd74bc265bce773e411cb31fa45663803af954f03b3d876d4e673","ssdeep":"","tlshash":"2831d8829e1a82a4fc0b1e3f156d33b79584b8b995b0597e5c3dce53e706a19d048453","first_seen":"2024-12-26T20:00:53.969274Z","last_seen":"2026-04-05T18:03:55.256693Z","times_seen":116,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/clappr-playback-rate-plugin.min.js?v=10","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","date":"2025-12-07T18:22:38.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xiaoca.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Dec 2025 04:48:12 GMT","end":"Sun, 01 Mar 2026 04:48:11 GMT"},"fingerprint":{"sha1":"B5:D4:73:96:3E:EE:AA:5F:FB:F5:97:10:50:DE:28:6E:BA:E7:56:2C","sha256":"B1:28:E3:3E:E5:C6:52:43:15:79:61:92:E0:C5:02:DC:61:6A:4B:C8:05:A3:4D:B8:73:19:50:AF:DB:11:63:2E"}}},"request":{"raw":"GET /mediaframe/clappr-playback-rate-plugin.min.js?v=10 HTTP/1.1\r\nHost: xiaoca.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Apr 2024 03:39:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"661f4489-7d69\"\r\nexpires: Mon, 08 Dec 2025 06:22:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-security-policy: frame-ancestors *;\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32105,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32014)","md5":"27959406831d205f40f0df5c21ed3c26","sha1":"e0715b0ef435df94dbfa83ca2ff5678a59d47f2f","sha256":"67f6db15eb6390018aafad1a0487c20c3f1dd42830c146ec4a0d787bd8d33041","sha512":"c97c9d658e23382803d5e59ead9cb79091a9adee5af2f8d64b192f246bfdc366aecbf1cc01902bd3b6f8fb9ef667d139a60521408d29bcd920c6e57f7df9ef6b","ssdeep":"384:/wJ+vdyxIKCsmwOFPzq2HZqohdWbzgrjz89TouoPVi3fBPTX:otX4Z1Wb6P8OSX","tlshash":"d2e27389b5d1b0f013f7b0b4412f820eb17ae994b09a96c5e665e5e0acb944f503bf3d","first_seen":"2024-08-19T22:32:33.826894Z","last_seen":"2026-01-03T19:57:31.695881Z","times_seen":6,"resource_available":true,"data":null}},"time_used":485,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":485,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xiaoca.top/mediaframe/disabledev2.js","fqdn":"xiaoca.top","domain":"xiaoca.top","tld":"top"},"ip":{"addr":"38.60.95.242","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8","date":"2025-12-07T18:22:38.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xiaoca.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Dec 2025 04:48:12 GMT","end":"Sun, 01 Mar 2026 04:48:11 GMT"},"fingerprint":{"sha1":"B5:D4:73:96:3E:EE:AA:5F:FB:F5:97:10:50:DE:28:6E:BA:E7:56:2C","sha256":"B1:28:E3:3E:E5:C6:52:43:15:79:61:92:E0:C5:02:DC:61:6A:4B:C8:05:A3:4D:B8:73:19:50:AF:DB:11:63:2E"}}},"request":{"raw":"GET /mediaframe/disabledev2.js HTTP/1.1\r\nHost: xiaoca.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xiaoca.top/one/onet.php?url=https://videos.theboda1.com/pop/tv132t123wuvppx2r2qryxyq.m3u8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 07 Dec 2025 18:22:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Apr 2024 06:25:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"661f6b74-aa3\"\r\nexpires: Mon, 08 Dec 2025 06:22:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-security-policy: frame-ancestors *;\r\naccess-control-allow-headers: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2723,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2723), with no line terminators","md5":"caf784218e09b7323f3f8291b385d46d","sha1":"8038bad69b8e5240865da70d936b085a02f7e097","sha256":"fc0befbed8d54fb7b56171e378bf6d0e6a4b846295de6ef05c2c03e8fe9b2763","sha512":"921d5aeb61d8278e98fe5a807f693f0c0941fbcb90929823b4ff8b528c411e87565993390b648f9434bd279bd22828940a70515b2bcdeff5eac569fb783ee71f","ssdeep":"","tlshash":"36514349a591209067ed6bbb733720d1e467ebed088f840eb806f8d0795361bd4d3e70","first_seen":"2024-08-19T22:32:33.829093Z","last_seen":"2026-03-26T02:29:51.43123Z","times_seen":50,"resource_available":true,"data":null}},"time_used":466,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":466,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"xiaoca.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cytv143.com/static/js2/home.js?v=3","fqdn":"www.cytv143.com","domain":"cytv143.com","tld":"com"},"ip":{"addr":"104.21.94.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html","date":"2025-12-07T18:22:36.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cytv143.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 02:06:41 GMT","end":"Tue, 27 Jan 2026 03:05:29 GMT"},"fingerprint":{"sha1":"3F:5B:98:70:2A:E7:D2:AB:0A:E9:0C:C0:38:F9:B7:24:AA:E7:C5:AD","sha256":"B0:8E:39:AF:4F:CE:62:F9:2C:FD:09:6C:2F:E4:22:22:6C:35:0F:F0:04:F1:59:70:34:08:E8:46:FC:B4:26:4B"}}},"request":{"raw":"GET /static/js2/home.js?v=3 HTTP/1.1\r\nHost: www.cytv143.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cytv143.com/index.php/vod/play/id/3499/sid/1/nid/8.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 18:22:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 14:13:33 GMT\r\nvary: Accept-Encoding\r\netag: \"68d54e0d-7a9a\"\r\nexpires: Sun, 07 Dec 2025 22:29:29 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 28387\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KThKnngQ7ndw7DxEOWOyMJsNYl4MQ6eutms6II6mEPhGrmXzMnz1EIEu%2FyQVUzxKDSfQWEZrrRfiQtu8vPVqrQsLQlzol9fGDJz7r7h%2FtA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa60ca899d71525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31386,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2677)","md5":"51006901f23a77e1aca44f74d4b53061","sha1":"8ce22b4476e8951c667eb575c7c104a4a80f3d3f","sha256":"167f17a43a0264e44dbfc9f0e0db11d73f18e44f277a208e2c3dba998a2bbe9e","sha512":"633023117bb6b427c3ba9261a1cc5c954f41ab2464e7888091a57497ed7edd7eeb50062899744abff40b0711b1686bfb6b8e78df9c25a574ce317acffdcca3d0","ssdeep":"768:hRdXc5Tu8ebBwbhd3DPb7z9CTbhJrLr9BPTTNzE:hR+tdrsE","tlshash":"48e2615a36f7182450b3357a4e7f65093677825f1908dd88be2d01a48fc8a5cb9b2bec","first_seen":"2023-03-10T02:34:16Z","last_seen":"2026-04-04T06:30:10.747252Z","times_seen":166,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"www.cytv143.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}