Data We Store
Transparency matters. This page explains exactly what data IPTV Sleuth stores when you submit a provider, and what we explicitly do not store.
We never store Xtream usernames, passwords, or any login credentials.
Credentials are used only in-memory to fetch metrics and are discarded immediately after.
What We Store
Provider Information
Submitted by you via the form. This is the core data used for comparisons.
| Field | Description |
|---|---|
| Provider name | The name you give the provider |
| Link / URL | Optional link to the provider or seller |
| Content counts | Live streams, live categories, series, series categories, VOD categories |
| Seller source | Where the provider was found (e.g. Z2U, Reddit) |
| Seller details | Optional seller username or shop name |
Submission Metadata
Recorded each time a provider is submitted.
| Field | Description |
|---|---|
| IP address | Your IP at time of submission, for abuse prevention only |
| Timestamp | When the submission was made |
Provider Fingerprint
Generated automatically from the Xtream API if credentials are provided. These are statistical summaries used to compare providers — they contain no personal or account-specific data.
| Field | Description |
|---|---|
| Server URL & IP | The provider's server address and resolved IP |
| Server timezone | Timezone reported by the server |
| MinHash signatures | Compact statistical fingerprints of stream IDs, channel names, EPG IDs, VOD IDs, and series IDs — used for similarity comparison, not reversible to original data |
| Category IDs & names | Lists of category identifiers and names for live, series, and VOD |
| Icon domains | Unique domains found in stream icon/cover URLs |
| Timestamp samples | Sampled "added" timestamps from streams (every 50th entry) |
| Channel numbers | Channel number assignments |
| Server ports | HTTP, HTTPS, and RTMP port numbers |
| User message | Server welcome/broadcast message (if any) |
| Output formats | Allowed streaming output formats |
| EPG source domain | Domain serving the EPG/XMLTV data |
| Backend type | Detected panel software (e.g. XtreamCodes, Stalker) |
| Stream token format | Type of authentication token used for streams |
| Backend stream IPs | Resolved IPs of content delivery servers |
| SSL fingerprint | Certificate serial hash, SANs, and issuer |
| HTTP headers | Server software and cache-control headers |
| Derived statistics | Content age histogram, category-stream distribution, category hierarchy, stream type distribution |
What We Do NOT Store
| Data | Details |
|---|---|
| Usernames & passwords | Xtream credentials are used in-memory only and never written to the database or disk |
| Stream URLs | We do not store any playable stream or VOD URLs |
| Stream content | No video, audio, or media content is downloaded or stored |
| EPG / programme data | We only note the EPG source domain, not the programme guide itself |
| Individual channel names | Channel names are converted to MinHash signatures and then discarded — the original names are not stored |
| Cookies or tracking | We do not use cookies, analytics trackers, or advertising pixels |