Report - cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1

Report Overview

Submitted URL
cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 19:16:51
Access
public
Website Title
Vipbox
Final URL
cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-25	427 B	526 kB	151.101.65.229
youradexchange.com	273384	2012-11-09	2013-02-04	2024-04-23	775 B	1.7 kB	104.21.91.188
chulhawakened.com	unknown	2023-07-20	2023-07-20	2024-03-26	411 B	1.5 kB	188.42.247.196
streambtw.com	unknown	2023-10-06	2023-10-08	2024-04-20	892 B	14 kB	188.114.97.1
cdn.xsportbox.com	unknown	2019-07-24	2023-09-30	2024-03-18	1.2 kB	146 kB	188.114.96.1
irondai.com	unknown	2023-09-29	2023-09-30	2024-03-10	408 B	131 kB	188.114.97.1
tuskhautein.com	unknown	2024-02-17	2024-02-17	2024-03-18	415 B	1.5 kB	188.42.247.196
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-25	420 B	101 kB	142.250.74.168
phomoach.net	unknown	2023-07-18	2023-07-19	2024-03-30	2.6 kB	51 kB	139.45.197.245
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-24	512 B	1.2 kB	35.244.181.201
velocitycdn.com	348860	2017-10-20	2015-05-27	2024-03-10	1.2 kB	270 kB	188.114.96.1
ptaixout.net	unknown	2023-12-29	2023-12-29	2024-03-17	2.2 kB	36 kB	139.45.197.244
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-04-24	985 B	1.5 kB	139.45.195.8

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	tuskhautein.com	Sinkholed
2024-04-25	medium	chulhawakened.com	Sinkholed
2024-04-25	medium	phomoach.net	Sinkholed
2024-04-25	medium	phomoach.net	Sinkholed
2024-04-25	medium	phomoach.net	Sinkholed
2024-04-25	medium	phomoach.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	velocitycdn.com/script/resource-v31.js	130 kB	2024-04-25	2024-04-27
Pretty URL velocitycdn.com/script/resource-v31.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 21:16:52 Last Seen2024-04-27 21:29:01 Times Seen10 Hash e244ccd201db7af7419e5b6040441e19 2c6e5d14a7a9facc7a447d1cf2e7da7195479e3c 3bf1d1eaa0648399c8112e614e180b50794e774d6e88586fc00fb5f96ce65c23 Loading...

	streambtw.com/microtemplates/source[1]	790 B	2023-04-13	2024-05-05
Pretty URL streambtw.com/microtemplates/source[1] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29:45 Last Seen2024-05-05 01:19:45 Times Seen375 Hash e22017c2e9c001bce109bfe2fe68c380 e5a75a55df382896aa8aff43bc37e72566edf401 0852bba61d02a2d08e06f623e1934f3c17d6d1e84b53d9ffcdc4524402733a54 Loading...

	cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1	538 B	2023-03-12	2024-05-04
Pretty URL cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 20:58:39 Last Seen2024-05-04 16:48:42 Times Seen114 Hash 23f14ae712b847828254481b2c5a0069 0a7c5d70eacdb3e6f896855847bc1ab49656e466 6e28a139e5cde2bd01006e4ed5ef2f3c88b2fa2b2b2519a5f6a5714f205ffeed Loading...

	cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1	58 kB	2024-03-02	2024-05-04
Pretty URL cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-02 18:33:32 Last Seen2024-05-04 16:48:42 Times Seen19 Hash 442bbf420891666ab1ddf289fa9f00f4 6a68254c2ee844425bb535798fe4e959f3fed8d3 9ac456bebae6c065dffb8c8a2a798070000c248f081dfab9b2bdb66e7ac77b37 Loading...

	cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js	525 kB	2023-03-07	2024-05-05
Pretty URL cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:45 Last Seen2024-05-05 01:19:46 Times Seen603 Hash f55c6c796275a41ce7d97bd160e648ff 936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89 db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c Loading...

	streambtw.com/microtemplates/source[6]	790 B	2023-04-18	2024-05-04
Pretty URL streambtw.com/microtemplates/source[6] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 02:32:56 Last Seen2024-05-04 09:16:26 Times Seen159 Hash b63c45532b29dca149e58059c4dda9d0 7c69772c55d148df85b03490653828e77f093d81 831e3aa44d50fb5073e06ce9c960e5d6dad6753c3201e5ba1f41671f3fc3f082 Loading...

	streambtw.com/microtemplates/source[8]	411 B	2023-04-18	2024-04-25
Pretty URL streambtw.com/microtemplates/source[8] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 02:32:55 Last Seen2024-04-25 21:16:52 Times Seen97 Hash df3a4f57bdb52c4a269eb2b59377f3cb 0db84a9e9f9e82efeb2681989399ab6573d77c6b 53af7b7da0dfacca9fe8e5ef9527deb979b62a14e7dd88f3f76ea0fca83592a9 Loading...

	www.googletagmanager.com/gtag/js?id=G-PQ1PJ56MMF	302 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-PQ1PJ56MMF IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 21:16:52 Last Seen2024-04-25 21:16:52 Times Seen2 Hash f31470575655fe0f5571bb87dbeaeb7b 0cd3184ab89e0f02699060e399bc2129b9ae33cf b4e5ecb0af5ed64f8f2a839dfd14dc8de47a215b3bdcdc0147e6a601f060d55c Loading...

	tuskhautein.com/r7838fFXOj9CwcDJw/77025	0 B	2023-03-07	2024-05-05
Pretty URL tuskhautein.com/r7838fFXOj9CwcDJw/77025 IP 188.42.247.196 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 14:55:44 Times Seen37360615 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	streambtw.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-05
Pretty URL streambtw.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-05 14:52:48 Times Seen43688 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	446 B	2024-01-31	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-31 02:32:21 Last Seen2024-05-04 16:48:43 Times Seen31 Hash 1f33491e2717ff422bff1fe662a18299 7234981326e13a07dc22d9ceb6ee7cf1f43d14b5 38f08c3cb9cf0d38463b43739ae6e24d43a036ef1697d2608bfaad98d03d1b20 Loading...

	phomoach.net/tag.min.js	89 kB	2024-04-25	2024-04-26
Pretty URL phomoach.net/tag.min.js IP 139.45.197.245 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 16:24:18 Last Seen2024-04-26 06:28:37 Times Seen26 Hash 0c4aa9ddc8e78306f6c57019adc4d64c b3254e75244fb4293cb3a61cd9075656cdeca8f1 6fb4e43813700e4d163367d7462653e55b062b673c439baee22a4073e8ea387b Loading...

	streambtw.com/microtemplates/source[2]	264 B	2023-04-18	2024-05-05
Pretty URL streambtw.com/microtemplates/source[2] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 02:32:56 Last Seen2024-05-05 01:19:45 Times Seen155 Hash d0be615cc98992c1be964cba7259830c c36a0d0080b96b43402f1004e112c6837e79d002 8a5de118b8985eaa80e287cffd27683a2817c2e09cf527d4166bded9ca58bb13 Loading...

	streambtw.com/microtemplates/source[7]	264 B	2023-04-18	2024-04-25
Pretty URL streambtw.com/microtemplates/source[7] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 02:32:55 Last Seen2024-04-25 21:16:52 Times Seen100 Hash de4890d682457ece9d1231bf901a4b7b 7c1582ab0daae07f3bb8f11882e5987dae1eea03 662854444f6dd02beb0a7952e7f26532dee54687e942572180d753d14844c2cc Loading...

	unknown	490 B	2024-04-02	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 20:33:43 Last Seen2024-04-25 21:16:52 Times Seen2 Hash 83b60c30c2599e9c0b1939aaa8207b06 83337a5c1122453571e1a3b7a6cd57c15561f0e5 23655b90a3caa944202cfd4c94b12c9acc6847c152d35352d1ab0d3f79956989 Loading...

	streambtw.com/microtemplates/source[3]	279 B	2023-04-18	2024-05-05
Pretty URL streambtw.com/microtemplates/source[3] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 02:32:55 Last Seen2024-05-05 01:19:45 Times Seen140 Hash 6613c8a697a118f65bf3d9f380907d97 6efc80326892c7d5ea9749164eff813359f58964 61e2bbf236de13c2adb732aabea5f58d614a8d85d9e8c8750e846b26e4d05aa2 Loading...

	streambtw.com/microtemplates/source[4]	251 B	2023-04-18	2024-04-25
Pretty URL streambtw.com/microtemplates/source[4] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 02:32:56 Last Seen2024-04-25 21:16:52 Times Seen102 Hash 486158165321d921fb388101d2bf4483 ba156a31e28d86c1c0ef9b1f008ba80af1452eda ea765f553d9d9b3240448ba6c80400cb77eb5b84c79561b25fdc9220b019d9d1 Loading...

	cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1	444 B	2024-03-02	2024-05-04
Pretty URL cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-02 18:33:33 Last Seen2024-05-04 16:48:42 Times Seen19 Hash f022889803b87a9b11191e64f3b015ff 68b93d2eb3a9a660180f7420394d0c95a3163c29 f987cddb8c432a94c404efd65b7deba5216bae496ab375859f5e317860893298 Loading...

	velocitycdn.com/script/suv5.js	74 kB	2024-04-25	2024-04-29
Pretty URL velocitycdn.com/script/suv5.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 21:16:52 Last Seen2024-04-29 08:27:34 Times Seen19 Hash 53ba90f485782e771086791c3c8105f5 6ab83f29079c7f2fc080b035005cc291fa7d2aa9 f0e49f51669d33021e3c9329945a70ca80619cf113024601d8135ae7ec02853f Loading...

	velocitycdn.com/script/ut.js?cb=1714072586320	63 kB	2024-04-25	2024-05-05
Pretty URL velocitycdn.com/script/ut.js?cb=1714072586320 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 17:58:25 Last Seen2024-05-05 14:33:17 Times Seen143 Hash bc481e345c04b4534e0a4e54a0f2c1c6 2be428035dd37b2722891c200f35449c5893df33 04d8cc0aacc3f172f638e608d3f08e8457d849290ae553090cb951d4b3f1b97b Loading...

	unknown	152 B	2023-11-20	2024-04-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 19:55:18 Last Seen2024-04-28 21:42:08 Times Seen35 Hash c960aa2b990a2f32a6515fd993ef8d9d 42aceea1497268b63f6db17ef5b6f36233c590a4 4e0c1a7d7371e788eeb96742b5815122fd314a396fc7233fac83ed89d6f03016 Loading...

	cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1	1.4 kB	2023-05-21	2024-05-04
Pretty URL cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-21 19:45:26 Last Seen2024-05-04 16:48:43 Times Seen109 Hash 9dc26956b3af9c5c1d866267c7b2eb8d 497c98086b37e029f85b9969b54a3c497f2c88d7 7be6becfe5575e1849b8ac25b05b1a6e3e3afc0b9adeeef521a5bd0a17fa154c Loading...

	streambtw.com/iframe/ch1.php	59 kB	2024-01-31	2024-05-04
Pretty URL streambtw.com/iframe/ch1.php IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-31 02:32:21 Last Seen2024-05-04 16:48:43 Times Seen31 Hash fa2b6cd49b36afbd85248ad398e01b61 cf5e578276c64be74e866de3aa49198da83201b9 e88f1563b20a74ee7182114b3355a1eadb948fd21ec6384a9fecd30ff267e233 Loading...

	streambtw.com/iframe/ch1.php	3.2 kB	2023-11-20	2024-04-28
Pretty URL streambtw.com/iframe/ch1.php IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-20 19:55:18 Last Seen2024-04-28 21:42:08 Times Seen35 Hash a47ae2f4f2521222ddb4ad6eac55117f b42dbbec235e5d6109ba2d636084de23d41077ff fcc8adad6f097bd9bfe2f44df4e8d34448677b9c2ffbab1e71965ee6c98e0c17 Loading...

	streambtw.com/microtemplates/source[0]	420 B	2023-04-18	2024-05-05
Pretty URL streambtw.com/microtemplates/source[0] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 02:32:55 Last Seen2024-05-05 01:19:46 Times Seen142 Hash fed5d9c2aa8ce1ca9b2cdcc1bf78a76f 2be2268e87842e1b71bc636c59fd3501a2962e9d e466342e29693b661bdbb77424388fff4779ea4abccba3fcdc1789877580b65a Loading...

	streambtw.com/microtemplates/source[5]	3.5 kB	2023-04-18	2024-04-27
Pretty URL streambtw.com/microtemplates/source[5] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 02:32:56 Last Seen2024-04-27 21:29:00 Times Seen113 Hash b6669abaec2c9816a30d51ba97928d1f b5fcc05b4a39f1e7629415f02c437353c99c3bca d9694562bb2b5918188cfaabeb9f5407029bf9f6efcc4b64e8ad20eb0efb16c3 Loading...

HTTP Transactions (23)

URL IP Response Size

cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1

188.114.96.1

200 OK

0 B

URL User Request GET HTTP/2
cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectxsportbox.com
Fingerprint26:37:30:3E:D3:36:0C:80:9E:E5:AC:9B:48:2B:AD:61:B7:03:5A:46
ValidityThu, 28 Mar 2024 08:02:25 GMT - Wed, 26 Jun 2024 08:02:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1 HTTP/1.1
Host: cdn.xsportbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 19:16:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kzzAOXj1drAMovxwGK5ZSaWaCbXfmPvZaDS3G%2BAh7WGKIINSitjmKFpYbYiLA7LT36M%2F67O6%2BqvClIjVasEKVWSM7gwDtnbrObnzEL%2Fald1t61K2aKKNQR9snZ5qc42ZPFeqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a0aadced6c0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tuskhautein.com/r7838fFXOj9CwcDJw/77025

188.42.247.196

200 OK

20 B

URL GET HTTP/1.1
tuskhautein.com/r7838fFXOj9CwcDJw/77025
IP
188.42.247.196:443
ASN
#7979 SERVERS-COM

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
Certificate
IssuerLet's Encrypt
Subjecttuskhautein.com
Fingerprint0D:92:16:F8:B2:BE:61:B3:09:F5:FF:95:2A:94:87:7B:30:65:5F:E5
ValiditySat, 17 Feb 2024 11:46:36 GMT - Fri, 17 May 2024 11:46:35 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /r7838fFXOj9CwcDJw/77025 HTTP/1.1
Host: tuskhautein.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 19:16:25 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cdn.xsportbox.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Fri, 26-Apr-2024 19:16:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Fri, 26-Apr-2024 19:16:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

chulhawakened.com/rmxWWDcqKHA/71505

188.42.247.196

200 OK

20 B

URL GET HTTP/1.1
chulhawakened.com/rmxWWDcqKHA/71505
IP
188.42.247.196:443
ASN
#7979 SERVERS-COM

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
Certificate
IssuerLet's Encrypt
Subjectchulhawakened.com
Fingerprint89:5A:CB:99:4E:7A:3B:18:51:2E:3D:3D:31:FE:A2:66:B5:0B:3D:23
ValiditySun, 21 Apr 2024 23:19:52 GMT - Sat, 20 Jul 2024 23:19:51 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rmxWWDcqKHA/71505 HTTP/1.1
Host: chulhawakened.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 19:16:25 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cdn.xsportbox.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Fri, 26-Apr-2024 19:16:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Fri, 26-Apr-2024 19:16:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

ptaixout.net/tag.min.js

139.45.197.244

200 OK

28 kB

URL GET HTTP/2
ptaixout.net/tag.min.js
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
Certificate
IssuerLet's Encrypt
Subjectptaixout.net
Fingerprint68:9C:78:69:60:28:90:FB:1C:BD:D0:98:14:FB:F6:C2:C7:45:CD:5C
ValidityMon, 18 Mar 2024 05:39:00 GMT - Sun, 16 Jun 2024 05:38:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (28087 bytes)
Hash
0c4aa9ddc8e78306f6c57019adc4d64c
b3254e75244fb4293cb3a61cd9075656cdeca8f1
6fb4e43813700e4d163367d7462653e55b062b673c439baee22a4073e8ea387b

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: ptaixout.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: text/javascript; charset=utf-8
content-length: 28087
content-encoding: br
x-trace-id: 318a7bfcfc78b491db4d2390788ed3d4
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Thu, 25 Apr 2024 13:48:59 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

streambtw.com/iframe/ch1.php

188.114.97.1

200 OK

0 B

URL GET HTTP/2
streambtw.com/iframe/ch1.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
Certificate
IssuerGoogle Trust Services LLC
Subjectstreambtw.com
FingerprintD8:97:8E:55:E7:91:FA:80:DF:3A:35:36:D3:6C:CC:D6:6B:27:D9:3E
ValiditySun, 31 Mar 2024 23:25:29 GMT - Sat, 29 Jun 2024 23:25:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /iframe/ch1.php HTTP/1.1
Host: streambtw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/iframe/ch1.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fTqdeldaIRUVg2%2Fm95lKGkAv53CtGnA1O8WuX3oGKDcvYbEWwS4YObh6vMR%2FdWa4IEn171QMBldNLXeVdVSpxOJLBwZs28YDXJauLRQVu%2FfR2XgNpwXeuBYy8DIWmUQG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a0aadf5b240afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ptaixout.net/5/6320745/?oo=1&aab=1

139.45.197.244

200 OK

1.9 kB

URL GET HTTP/2
ptaixout.net/5/6320745/?oo=1&aab=1
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
Certificate
IssuerLet's Encrypt
Subjectptaixout.net
Fingerprint68:9C:78:69:60:28:90:FB:1C:BD:D0:98:14:FB:F6:C2:C7:45:CD:5C
ValidityMon, 18 Mar 2024 05:39:00 GMT - Sun, 16 Jun 2024 05:38:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
1.9 kB (1887 bytes)
Hash
d2d9c997821b9156cf7229e9093b8778
8888998074176b41f9f07491e6c4f0cdcae48fda
bb54bd97bde83209c3bf8489589e264e17f13c0a1c36456bc2c17c549a0b3478

HTTP Headers

GET /5/6320745/?oo=1&aab=1 HTTP/1.1
Host: ptaixout.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.xsportbox.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: application/json
x-trace-id: 0b3942e928be4da5ba8181fe9b88a972
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://cdn.xsportbox.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080496c1f33423ce8f9fd330e008223; expires=Fri, 25 Apr 2025 19:16:26 GMT; path=/; secure; SameSite=None
oaidts=1714072586; expires=Fri, 25 Apr 2025 19:16:26 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=0080496c1f33423ce8f9fd330e008223

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=0080496c1f33423ce8f9fd330e008223
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
5e3b72e182295f9cac1bf94f64766f6b
f5680b010fabe1c09e0099278af70fa4f45c2c9f
079cc71c8c9aa64f71a1486fc1e9cdb4342357f88e8057b3683f306d9df1cda9

HTTP Headers

GET /gid.js?userId=0080496c1f33423ce8f9fd330e008223 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.xsportbox.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://cdn.xsportbox.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080496c1f33423ce8f9fd330e008223; expires=Fri, 25 Apr 2025 19:16:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-PQ1PJ56MMF

142.250.74.168

200 OK

101 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-PQ1PJ56MMF
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
101 kB (100609 bytes)
Hash
f31470575655fe0f5571bb87dbeaeb7b
0cd3184ab89e0f02699060e399bc2129b9ae33cf
b4e5ecb0af5ed64f8f2a839dfd14dc8de47a215b3bdcdc0147e6a601f060d55c

HTTP Headers

GET /gtag/js?id=G-PQ1PJ56MMF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 19:16:26 GMT
expires: Thu, 25 Apr 2024 19:16:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.xsportbox.com/favicon.ico

188.114.96.1

404 Not Found

145 kB

URL GET HTTP/3
cdn.xsportbox.com/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
Certificate
IssuerLet's Encrypt
Subjectxsportbox.com
Fingerprint26:37:30:3E:D3:36:0C:80:9E:E5:AC:9B:48:2B:AD:61:B7:03:5A:46
ValidityThu, 28 Mar 2024 08:02:25 GMT - Wed, 26 Jun 2024 08:02:24 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
145 kB (145235 bytes)
Hash
706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cdn.xsportbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 166
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zMEivQ97y4wGqW20dfPFyjULqG%2FrMcE1xOX1FCaG2v3fwMJ9dGqoqGYFBBpeoZAbGyinGEXksGGe6NsMvF9HsBoRlnnIfZ9Q5KqBXD6IMENeckNpuMeuv%2FrQkEFs%2FM8SKywcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a0aadf5fa30b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

phomoach.net/tag.min.js

139.45.197.245

200 OK

28 kB

URL GET HTTP/2
phomoach.net/tag.min.js
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerLet's Encrypt
Subjectphomoach.net
Fingerprint4D:5D:41:54:2C:98:6F:5D:8D:BC:45:87:4B:76:9B:E0:30:B6:88:BF
ValidityFri, 15 Mar 2024 06:26:26 GMT - Thu, 13 Jun 2024 06:26:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (28087 bytes)
Hash
0c4aa9ddc8e78306f6c57019adc4d64c
b3254e75244fb4293cb3a61cd9075656cdeca8f1
6fb4e43813700e4d163367d7462653e55b062b673c439baee22a4073e8ea387b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: phomoach.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: text/javascript; charset=utf-8
content-length: 28087
content-encoding: br
x-trace-id: 65a8c8cad9098c0b4a9b25a21a0a4af8
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Thu, 25 Apr 2024 13:48:59 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

phomoach.net/38861cba61c66739c1452c3a71e39852.ttf

139.45.197.245

204 No Content

0 B

URL GET HTTP/2
phomoach.net/38861cba61c66739c1452c3a71e39852.ttf
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerLet's Encrypt
Subjectphomoach.net
Fingerprint4D:5D:41:54:2C:98:6F:5D:8D:BC:45:87:4B:76:9B:E0:30:B6:88:BF
ValidityFri, 15 Mar 2024 06:26:26 GMT - Thu, 13 Jun 2024 06:26:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /38861cba61c66739c1452c3a71e39852.ttf HTTP/1.1
Host: phomoach.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 25 Apr 2024 19:16:26 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=008049e069254d18e2d8c8e17792969e

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=008049e069254d18e2d8c8e17792969e
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
5e3b72e182295f9cac1bf94f64766f6b
f5680b010fabe1c09e0099278af70fa4f45c2c9f
079cc71c8c9aa64f71a1486fc1e9cdb4342357f88e8057b3683f306d9df1cda9

HTTP Headers

GET /gid.js?userId=008049e069254d18e2d8c8e17792969e HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Cookie: ID=0080496c1f33423ce8f9fd330e008223
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:16:27 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://streambtw.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080496c1f33423ce8f9fd330e008223; expires=Fri, 25 Apr 2025 19:16:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

phomoach.net/5/6869446/?oo=1&aab=1

139.45.197.245

200 OK

13 kB

URL GET HTTP/2
phomoach.net/5/6869446/?oo=1&aab=1
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerLet's Encrypt
Subjectphomoach.net
Fingerprint4D:5D:41:54:2C:98:6F:5D:8D:BC:45:87:4B:76:9B:E0:30:B6:88:BF
ValidityFri, 15 Mar 2024 06:26:26 GMT - Thu, 13 Jun 2024 06:26:25 GMT

File type
gzip compressed data, max speed, from Unix
Size
13 kB (12911 bytes)
Hash
0172d3354ad38ee7f35eec182e463e74
ed0c7597be80bac2b720a7aced3a67aaf59eb475
8989e7a7d44a5c8e65fc3911f16fdaa5ac554161ef0903ec9898e8e969ef6b7d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6869446/?oo=1&aab=1 HTTP/1.1
Host: phomoach.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: application/json
x-trace-id: 1b27d0c810fbe58d719f0516093f0235
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://streambtw.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=008049e069254d18e2d8c8e17792969e; expires=Fri, 25 Apr 2025 19:16:26 GMT; path=/; secure; SameSite=None
oaidts=1714072586; expires=Fri, 25 Apr 2025 19:16:26 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

phomoach.net/?rb=ljhVt_hwnQU97b6GhEaOvXk87aenOoPWvHmjsu5hkSnUXJGcFB-hghq-X8yquEC7hA2nWYoC2d4Sb0zU_qEYrn-DhBrh6jjAuoQxUAtI-kk_3YGIbc8niOobuumkYNousAhH8qIJocw7kicTLZhKIDCxACCgg9nyj3Q1f_iDhvtHH-QkUyfubnN88jX7rK1WQM_gD4GC7hETVqs-0sbRfDc3GsKG6IxKyJRrkzEywDeEcz0tYVqmokzBdNJn7yX66pX6Vkr9GV0%3D&request_ab2=0&zoneid=6869446&js_build=iclick-v1.782.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=619&wiw=1100&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1100&wfc=2&pl=https%3A%2F%2Fstreambtw.com%2Fiframe%2Fch1.php&drf=https%3A%2F%2Fcdn.xsportbox.com%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.782.0&navlng=en-US&pnt=0&pnrc=0&bs=cc51cb26-95b4-4064-bad3-cebba7b062d7&wasm=1&userId=0080496c1f33423ce8f9fd330e008223&m=link

139.45.197.245

200 OK

6.8 kB

URL GET HTTP/2
phomoach.net/?rb=ljhVt_hwnQU97b6GhEaOvXk87aenOoPWvHmjsu5hkSnUXJGcFB-hghq-X8yquEC7hA2nWYoC2d4Sb0zU_qEYrn-DhBrh6jjAuoQxUAtI-kk_3YGIbc8niOobuumkYNousAhH8qIJocw7kicTLZhKIDCxACCgg9nyj3Q1f_iDhvtHH-QkUyfubnN88jX7rK1WQM_gD4GC7hETVqs-0sbRfDc3GsKG6IxKyJRrkzEywDeEcz0tYVqmokzBdNJn7yX66pX6Vkr9GV0%3D&request_ab2=0&zoneid=6869446&js_build=iclick-v1.782.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=619&wiw=1100&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1100&wfc=2&pl=https%3A%2F%2Fstreambtw.com%2Fiframe%2Fch1.php&drf=https%3A%2F%2Fcdn.xsportbox.com%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.782.0&navlng=en-US&pnt=0&pnrc=0&bs=cc51cb26-95b4-4064-bad3-cebba7b062d7&wasm=1&userId=0080496c1f33423ce8f9fd330e008223&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerLet's Encrypt
Subjectphomoach.net
Fingerprint4D:5D:41:54:2C:98:6F:5D:8D:BC:45:87:4B:76:9B:E0:30:B6:88:BF
ValidityFri, 15 Mar 2024 06:26:26 GMT - Thu, 13 Jun 2024 06:26:25 GMT

File type
gzip compressed data, max speed, from Unix
Size
6.8 kB (6819 bytes)
Hash
aa8b7e2de96e54dce4ddbf0fabd747d6
16b6fc13dc9df904d9560b982622f101171e8a4a
a6e51122d26b6550e62808e466fce49a91aa46dabfa05a92ec2912cc724839ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=ljhVt_hwnQU97b6GhEaOvXk87aenOoPWvHmjsu5hkSnUXJGcFB-hghq-X8yquEC7hA2nWYoC2d4Sb0zU_qEYrn-DhBrh6jjAuoQxUAtI-kk_3YGIbc8niOobuumkYNousAhH8qIJocw7kicTLZhKIDCxACCgg9nyj3Q1f_iDhvtHH-QkUyfubnN88jX7rK1WQM_gD4GC7hETVqs-0sbRfDc3GsKG6IxKyJRrkzEywDeEcz0tYVqmokzBdNJn7yX66pX6Vkr9GV0%3D&request_ab2=0&zoneid=6869446&js_build=iclick-v1.782.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=619&wiw=1100&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1100&wfc=2&pl=https%3A%2F%2Fstreambtw.com%2Fiframe%2Fch1.php&drf=https%3A%2F%2Fcdn.xsportbox.com%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.782.0&navlng=en-US&pnt=0&pnrc=0&bs=cc51cb26-95b4-4064-bad3-cebba7b062d7&wasm=1&userId=0080496c1f33423ce8f9fd330e008223&m=link HTTP/1.1
Host: phomoach.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streambtw.com/
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Cookie: OAID=008049e069254d18e2d8c8e17792969e; oaidts=1714072586
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:16:27 GMT
content-type: application/json
x-trace-id: 781d9154160915d69017a38926517b11
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://streambtw.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080496c1f33423ce8f9fd330e008223; expires=Fri, 25 Apr 2025 19:16:27 GMT; path=/; secure; SameSite=None
oaidts=1714072587; expires=Fri, 25 Apr 2025 19:16:27 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 02 May 2024 19:16:27 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=fKtUzFbUUtjxOj0fmz2FBVQYeENYZUS7VCXzA7yRNGeFucreenHx1_MXRa3FdvfNCu9_cQ1OxVLmy_CWzFZirxdd9fdTZMm8CPEBuKe0hs0qWx5wuiQSOluyygT4S0wL
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Thu, 25 Apr 2024 19:14:55 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 108
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

velocitycdn.com/script/resource-v31.js

188.114.96.1

200 OK

130 kB

URL GET HTTP/2
velocitycdn.com/script/resource-v31.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerLet's Encrypt
Subjectvelocitycdn.com
Fingerprint74:75:26:C5:76:25:60:63:67:68:35:BB:99:9C:76:A4:7A:4E:EB:35
ValiditySun, 21 Apr 2024 20:47:01 GMT - Sat, 20 Jul 2024 20:47:00 GMT

File type

Size
130 kB (129748 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/resource-v31.js HTTP/1.1
Host: velocitycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPpRLcoLC8Od6Ae4gi332s4NPqdSf-tU_X8Aiz1xfIta3KxX_v1KhrxkwTa88RpsWhP1Ux8
x-goog-generation: 1714053212857685
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 129748
x-goog-hash: crc32c=0le3LA==, md5=4kTM0gHbevdBnltgQEQeGQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Thu, 25 Apr 2024 19:25:57 GMT
cache-control: public, max-age=3600
last-modified: Thu, 25 Apr 2024 13:53:32 GMT
etag: W/"e244ccd201db7af7419e5b6040441e19"
age: 1358
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NXGBJ4zys9QHzmvDJDZyUzyInvRX3wN%2FbY%2FNSqtFsYKgSDOV%2F%2BCjus%2BOBIMeWwv6UaLuO6d2Phf2u7IcRI33eIHvfFI4fvBaZM6ur9hsqSskZ8Qt%2F0b0iWxC74RJ%2FpA%2B0BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a0aadfccc456af-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

151.101.65.229

200 OK

525 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type

Size
525 kB (525081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 19:16:26 GMT
age: 21832
x-served-by: cache-fra-etou8220029-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 145133
X-Firefox-Spdy: h2

ptaixout.net/?rb=eOPeAV1Vgd45mrLBWibbsDx5rLVaxt_nZMN20rOkVwauve_JlflGRzTFNKoGqdP-wyfwnfZZYlo6thKpbH0aP8mh7IO1SKiIWjrh_1YPjoIUx4sHaJYnJ_Fb1AVU0qNpoq_UH06g_T16CO_b9YgTuuSkUMLOP6HwBSvTXm3v4U3UA3pUItweeROqpoivySNNn7SDd81KSngyLudbC5VqmaxV7VTD1btLkpDnUKYlNBuGP8lJOoZT8FdGj1o5aqNJU18A4nbhQ1h-bIvP&request_ab2=0&zoneid=6320745&js_build=iclick-v1.782.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fcdn.xsportbox.com%2Fembed77%2F%3Fevent%3Dstack.html%26link%3D1%26domain%3D%26force%3Dhttps%3A%2F%2Fstreambtw.com%2Fiframe%2Fch1.php%26ask%3D1714075200%26lgt%3D3%26noplayer%3D1&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.782.0&navlng=en-US&pnt=0&pnrc=0&bs=cba015b4-b4bc-415c-b51d-44d785edfcd0&wasm=1&userId=0080496c1f33423ce8f9fd330e008223&m=link

139.45.197.244

200 OK

2.5 kB

URL GET HTTP/2
ptaixout.net/?rb=eOPeAV1Vgd45mrLBWibbsDx5rLVaxt_nZMN20rOkVwauve_JlflGRzTFNKoGqdP-wyfwnfZZYlo6thKpbH0aP8mh7IO1SKiIWjrh_1YPjoIUx4sHaJYnJ_Fb1AVU0qNpoq_UH06g_T16CO_b9YgTuuSkUMLOP6HwBSvTXm3v4U3UA3pUItweeROqpoivySNNn7SDd81KSngyLudbC5VqmaxV7VTD1btLkpDnUKYlNBuGP8lJOoZT8FdGj1o5aqNJU18A4nbhQ1h-bIvP&request_ab2=0&zoneid=6320745&js_build=iclick-v1.782.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fcdn.xsportbox.com%2Fembed77%2F%3Fevent%3Dstack.html%26link%3D1%26domain%3D%26force%3Dhttps%3A%2F%2Fstreambtw.com%2Fiframe%2Fch1.php%26ask%3D1714075200%26lgt%3D3%26noplayer%3D1&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.782.0&navlng=en-US&pnt=0&pnrc=0&bs=cba015b4-b4bc-415c-b51d-44d785edfcd0&wasm=1&userId=0080496c1f33423ce8f9fd330e008223&m=link
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://cdn.xsportbox.com/embed77/?event=stack.html&link=1&domain=&force=https://streambtw.com/iframe/ch1.php&ask=1714075200&lgt=3&noplayer=1
Certificate
IssuerLet's Encrypt
Subjectptaixout.net
Fingerprint68:9C:78:69:60:28:90:FB:1C:BD:D0:98:14:FB:F6:C2:C7:45:CD:5C
ValidityMon, 18 Mar 2024 05:39:00 GMT - Sun, 16 Jun 2024 05:38:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2488), with no line terminators
Size
2.5 kB (2465 bytes)
Hash
cecd74063e90b681d8e9ad5103b079ba
e2c8881230320a9a453e56df9daa4e1ed9b3ea3f
5f5638979ae1260cd608ed4416c965bcb10f78233d1220e2c8348085369ad729

HTTP Headers

GET /?rb=eOPeAV1Vgd45mrLBWibbsDx5rLVaxt_nZMN20rOkVwauve_JlflGRzTFNKoGqdP-wyfwnfZZYlo6thKpbH0aP8mh7IO1SKiIWjrh_1YPjoIUx4sHaJYnJ_Fb1AVU0qNpoq_UH06g_T16CO_b9YgTuuSkUMLOP6HwBSvTXm3v4U3UA3pUItweeROqpoivySNNn7SDd81KSngyLudbC5VqmaxV7VTD1btLkpDnUKYlNBuGP8lJOoZT8FdGj1o5aqNJU18A4nbhQ1h-bIvP&request_ab2=0&zoneid=6320745&js_build=iclick-v1.782.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fcdn.xsportbox.com%2Fembed77%2F%3Fevent%3Dstack.html%26link%3D1%26domain%3D%26force%3Dhttps%3A%2F%2Fstreambtw.com%2Fiframe%2Fch1.php%26ask%3D1714075200%26lgt%3D3%26noplayer%3D1&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.782.0&navlng=en-US&pnt=0&pnrc=0&bs=cba015b4-b4bc-415c-b51d-44d785edfcd0&wasm=1&userId=0080496c1f33423ce8f9fd330e008223&m=link HTTP/1.1
Host: ptaixout.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.xsportbox.com/
Origin: https://cdn.xsportbox.com
DNT: 1
Connection: keep-alive
Cookie: OAID=0080496c1f33423ce8f9fd330e008223; oaidts=1714072586
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: application/json
x-trace-id: ca0582c57e2f3d604b66f30cda7d4b56
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://cdn.xsportbox.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080496c1f33423ce8f9fd330e008223; expires=Fri, 25 Apr 2025 19:16:26 GMT; path=/; secure; SameSite=None
oaidts=1714072586; expires=Fri, 25 Apr 2025 19:16:26 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 02 May 2024 19:16:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

youradexchange.com/script/suurl5.php?r=7102142&cbur=0.38485371352517206&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fcdn.xsportbox.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714072586524&srs=6c3ef7e0417a3c45dd29065e94b7bce6&atv=48.0-sw-suv5

104.21.91.188

200 OK

1.0 kB

URL GET HTTP/2
youradexchange.com/script/suurl5.php?r=7102142&cbur=0.38485371352517206&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fcdn.xsportbox.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714072586524&srs=6c3ef7e0417a3c45dd29065e94b7bce6&atv=48.0-sw-suv5
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerGoogle Trust Services LLC
Subjectyouradexchange.com
FingerprintD5:0B:42:43:E8:69:FA:76:AA:C8:B3:28:9A:EB:33:C4:6F:62:7A:2B
ValiditySun, 14 Apr 2024 01:48:20 GMT - Sat, 13 Jul 2024 01:48:19 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1043), with no line terminators
Size
1.0 kB (1017 bytes)
Hash
b0e72feb81b9158e7203dd7f4bc51ce2
a86202fc369628ec1f20620062d172be5315b6a5
17452be3eca5cbcba00e7eec3123ab49c4d5fa2f8abee67379a32c7630a81e38

HTTP Headers

GET /script/suurl5.php?r=7102142&cbur=0.38485371352517206&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fcdn.xsportbox.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714072586524&srs=6c3ef7e0417a3c45dd29065e94b7bce6&atv=48.0-sw-suv5 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streambtw.com/
Origin: https://streambtw.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CzhcOQxuZsBcCpSu4Gs4DtA2dcRiEoPY6nO2ryEt8BrK8rtHbrZRZBUX8%2BoWCQtJg2fiwZWLLrHcKGXhlwZ7jOS8tMKPBmm%2BdgUCiVra7urXc8UuqhrAkZTw73rDJQOis5p%2BJjk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a0aae23b2356c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

velocitycdn.com/script/suv5.js

188.114.96.1

200 OK

74 kB

URL GET HTTP/3
velocitycdn.com/script/suv5.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerLet's Encrypt
Subjectvelocitycdn.com
Fingerprint74:75:26:C5:76:25:60:63:67:68:35:BB:99:9C:76:A4:7A:4E:EB:35
ValiditySun, 21 Apr 2024 20:47:01 GMT - Sat, 20 Jul 2024 20:47:00 GMT

File type

Size
74 kB (74190 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/suv5.js HTTP/1.1
Host: velocitycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPq5jRYrh8vivN42gsz6Fg5X0TvvOrLQsal539IQGNc4ZJa0Ge75UcbOJxsjja9Qw4yXFz0FTeHHOQ
expires: Thu, 25 Apr 2024 19:14:40 GMT
cache-control: public, max-age=3600
last-modified: Thu, 25 Apr 2024 13:54:16 GMT
etag: W/"53ba90f485782e771086791c3c8105f5"
x-goog-generation: 1714053256821370
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 74190
x-goog-hash: crc32c=zXltzg==, md5=U7qQ9IV4LncQhnkcPIEF9Q==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1358
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A6S3znSeu9sJcgL1AbNgULJQ1CAs3TJxS00%2Fx7ZLa%2BD1uy2E6T9eoKIfZZ83MFOEZ9aMdz9Agu5hOQt9cWX7z2t4zZ%2F4lnK68Z6Ubd5giT3m5SdjJP44IrZxj%2BWztdKFc8o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a0aae1793356a5-OSL
content-encoding: br

irondai.com/script/resource-v31.js

188.114.97.1

200 OK

130 kB

URL GET HTTP/2
irondai.com/script/resource-v31.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerLet's Encrypt
Subjectirondai.com
FingerprintE4:7A:85:20:19:DB:C7:D6:50:62:D5:B9:D7:E6:7D:2B:72:7B:F3:90
ValiditySun, 24 Mar 2024 04:40:01 GMT - Sat, 22 Jun 2024 04:40:00 GMT

File type

Size
130 kB (129748 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/resource-v31.js HTTP/1.1
Host: irondai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPpRLcoLC8Od6Ae4gi332s4NPqdSf-tU_X8Aiz1xfIta3KxX_v1KhrxkwTa88RpsWhP1Ux8
x-goog-generation: 1714053212857685
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 129748
x-goog-hash: crc32c=0le3LA==, md5=4kTM0gHbevdBnltgQEQeGQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Thu, 25 Apr 2024 19:25:57 GMT
cache-control: public, max-age=14400
last-modified: Thu, 25 Apr 2024 13:53:32 GMT
etag: W/"e244ccd201db7af7419e5b6040441e19"
age: 1358
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n2ovH6AJSgM8%2B1D7281PZetW%2BOTZMlsSavb4Huh5q1VnQoziHsncnx2tCSpJYiJCCw520K%2FnNeipGdw9NueROTj8e%2FtcWCM9l6T4f%2F5TGdpYyQS0r5I9cO9RWiWmGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a0aae1bef756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

streambtw.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

188.114.97.1

200 OK

12 kB

URL GET HTTP/3
streambtw.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerGoogle Trust Services LLC
Subjectstreambtw.com
FingerprintD8:97:8E:55:E7:91:FA:80:DF:3A:35:36:D3:6C:CC:D6:6B:27:D9:3E
ValiditySun, 31 Mar 2024 23:25:29 GMT - Sat, 29 Jun 2024 23:25:28 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: streambtw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/iframe/ch1.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 19:16:25 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBYWUXGnbpxiI8qvtTCUEOnlAfoChDOMMF13FGMxUBsTgIizLF1Ge6kK%2F%2FKanwduxUHKx%2BdDLn4Qup7rLQ15rYwlgX8F1CAHLYQpOrH9qRudbeR0NPggccAzsD%2FfQUSR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a0aade5a8a0afe-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 27 Apr 2024 19:16:25 GMT
cache-control: max-age=172800, public
content-encoding: gzip

velocitycdn.com/script/ut.js?cb=1714072586320

188.114.96.1

200 OK

63 kB

URL GET HTTP/3
velocitycdn.com/script/ut.js?cb=1714072586320
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://streambtw.com/iframe/ch1.php
Certificate
IssuerLet's Encrypt
Subjectvelocitycdn.com
Fingerprint74:75:26:C5:76:25:60:63:67:68:35:BB:99:9C:76:A4:7A:4E:EB:35
ValiditySun, 21 Apr 2024 20:47:01 GMT - Sat, 20 Jul 2024 20:47:00 GMT

File type

Size
63 kB (62975 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/ut.js?cb=1714072586320 HTTP/1.1
Host: velocitycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://streambtw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 19:16:26 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPpcoQbo3YqiKuftigQdk6NsrDuvXbI4-6Ey6nVnurRsStUsEYz9hYW8bpxb1L6blCkznHUKcRXnpQ
x-goog-generation: 1714053300452258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62975
x-goog-hash: crc32c=f8d0YQ==, md5=vEgeNFwEtFNOCk5UoPLBxg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Thu, 25 Apr 2024 19:44:27 GMT
cache-control: public, max-age=3600
last-modified: Thu, 25 Apr 2024 13:55:00 GMT
etag: W/"bc481e345c04b4534e0a4e54a0f2c1c6"
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2FIhIV5hjVCUkuaG3fttN5soDNl7ycYMA0bkcX%2B6DhZ2h%2BcbItzqJ3uxnUOb%2FpdwqNz0mZjZcjkYgEXGnvmi13bfihEi6DjbNvbbzju3KFwADrplhv6hJMsab1%2FdR8qFpbY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a0aae1793256a5-OSL
content-encoding: br

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML