Report - hdtoday.cc/

Report Overview

Visited public
2023-12-01 20:05:52
Tags
URL
hdtoday.cc/
Finishing URL
hdtoday.cc/
IP / ASN
172.67.222.140
#13335 CLOUDFLARENET
Title
HDtoday - Watch Movies Online Free | Watch Series HD Free

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-12-01 05:09:17	433 B	32 kB	104.17.25.14
img.hdtoday.cc	unknown	2022-02-01	2022-03-30 15:00:41	2023-11-25 18:59:52	1.0 kB	71 kB	104.21.43.73
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-12-01 05:12:17	976 B	118 kB	172.64.140.13
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-12-01 08:06:52	442 B	52 kB	104.18.10.207
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-01 08:07:42	437 B	31 kB	172.217.21.170
hdtoday.cc	unknown	2022-02-01	2022-02-14 09:46:59	2023-10-22 19:46:07	2.7 kB	68 kB	104.21.43.73
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-01 05:29:09	1.6 kB	50 kB	216.58.207.227
whoursie.com	unknown	2022-10-26	2022-10-26 10:26:37	2023-12-01 06:10:38	845 B	31 kB	139.45.197.237
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15 22:36:43	2023-12-01 06:54:36	459 B	93 kB	104.18.10.207
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-01 08:02:13	451 B	9.1 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-01 20:05:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-01 20:05:38	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-01 20:05:39	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-01 20:05:39	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-01	medium	whoursie.com	Sinkholed
2023-12-01	medium	whoursie.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	From	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-05-10
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 11:04 Times Seen57480 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	hdtoday.cc/js/group_1/app.min.js?v=6.3	ScriptElement	28 kB	2023-07-10	2025-04-07
Pretty URL hdtoday.cc/js/group_1/app.min.js?v=6.3 IP 104.21.43.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-10 11:38 Last Seen2025-04-07 01:40 Times Seen179 Hash 6de46a7fa9c8a9bf98dc4722f4723db0 9db905f1924b05d14f28adcf0d923e3042980690 6b2da9a037c78cfb5c0347bc234babb63abfe0f15dc755fdb0e092a572bd0a09 Loading...

	unknown	Function	759 B	2023-04-13	2025-01-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 10:04 Last Seen2025-01-27 02:41 Times Seen194 Hash f2423e0fb745a0a938ea171936dc8ab7 d3d871b860daa4f923393a08ed5e020c591974f8 2f06b741e27c27039ebc0cbfe33b922c73f949b9902610f698e9523be7c04dbb Loading...

	cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js	ScriptElement	94 kB	2023-03-07	2025-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-10 05:33 Times Seen1759 Hash 17e942ea0854bd9dce2070bae6826937 434cdec1669f2c6c7406297a72120936bc56ed52 72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26 Loading...

	hdtoday.cc/	ScriptElement	155 B	2023-04-09	2024-10-04
Pretty URL hdtoday.cc/ IP 104.21.43.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-09 18:25 Last Seen2024-10-04 11:10 Times Seen14 Hash a2c3d91c4c27815265b8ae9134ec22a0 9465f2d06ea25198e2768a5dbd70467ae3efd58a e3d217d53486ae6cd20303cf7abdad573aab88f8868d18e424d96e1e832b4f38 Loading...

	unknown	Function	873 B	2023-04-13	2024-10-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 18:23 Last Seen2024-10-04 11:10 Times Seen8 Hash b6419af591451f78706f75adfe41f943 61dbace1ae3cb3b3cfb540d39dfe4f943235213f 52ec15163587d37a6e237938a90f67d00589f82f4c43dcbc50bc7c6fa31d3ae9 Loading...

	unknown	Function	283 B	2023-04-13	2025-01-13
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 18:23 Last Seen2025-01-13 11:37 Times Seen13 Hash 4371db9e3653e708b340b5203ae41dad 06755c8639a5fbcb0f5ca1a718e4fdc3ce9d01dc 11f535dba87f48c8e259fb01eb925e5d764e7ce2cd13d0d5528449a23c8e053b Loading...

	hdtoday.cc/	ScriptElement	59 kB	2023-04-09	2024-10-04
Pretty URL hdtoday.cc/ IP 104.21.43.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-09 18:25 Last Seen2024-10-04 11:10 Times Seen14 Hash 94dd4e8a91e672446a41ceaf1bf61395 5f59df19ef43bb5410a2e48e18f2167b4b89bc11 c8e53f814f32beeca50b4f0be6bc44f63543e7264b044891149078ac457ecdd8 Loading...

	unknown	Function	1.1 kB	2023-04-13	2024-10-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 18:23 Last Seen2024-10-04 11:10 Times Seen8 Hash 1d8642b8e99ec8d90fad9f87b8ec52c4 01141c31fcf23c60572e0cecac258fd4c9386a51 684c0f2ee6237a46c424d635876a7af59bba3a4f02b004f205f8914fe8767183 Loading...

	unknown	Function	361 B	2023-04-13	2024-10-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 18:23 Last Seen2024-10-04 11:10 Times Seen8 Hash 739ed0aaff7106f7cbcced0d57b3b4e0 01076ba38c3540763ed92d0443ba175773271628 3b4da7085cd604749a598673544adc5ccb1f4180278535d3f41bef8f4e1375e2 Loading...

	unknown	Function	152 B	2023-10-14	2025-01-13
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-10-14 21:17 Last Seen2025-01-13 11:37 Times Seen12 Hash 7a8dd819ef90e283eb7dd2795c59336d bc4047654f9c0600680b8ff3da337cb9e1ec4025 60f0b5669bb7d040e651515b29804936d00f5084a3fc91b12cffbc131bf2fd2d Loading...

	unknown	Function	289 B	2023-04-13	2025-01-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 10:04 Last Seen2025-01-27 02:41 Times Seen201 Hash bb3ca3e16d4c50ef755f46b070e34757 d97232984ffaec39d400385131b03559db4f6956 72899456d8908d40248fe17e3c0bfdd3f120fc28dea3f70a4907ff5ddb6a030f Loading...

	unknown	Function	575 B	2023-04-13	2025-01-13
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 18:23 Last Seen2025-01-13 11:37 Times Seen13 Hash 18c4024b8d2056be134b33aa6383e2d6 b9e9d6a950142293ca3225b2402d6a891273412f 0574f5a12b2cebbffe65b6f32990e6ebac6dfca1cbd41e136e6972ed4e62b715 Loading...

	hdtoday.cc/	ScriptElement	446 B	2023-04-09	2024-10-04
Pretty URL hdtoday.cc/ IP 104.21.43.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-09 18:25 Last Seen2024-10-04 11:10 Times Seen14 Hash af7482de3366439d5d90a3a9f40beed8 c9b6600b8d390d24b0a614c828881fe3c437802f 75f13a89ffc31492018c3605ecf1bcc8df1509572dd012f27b6dae641bbf5307 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-05-10
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 11:04 Times Seen98895 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	hdtoday.cc/	ScriptElement	29 B	2023-03-07	2025-05-06
Pretty URL hdtoday.cc/ IP 104.21.43.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34 Last Seen2025-05-06 14:56 Times Seen280 Hash 1b7fdd744c60ca3a67ba0df5e9ac66ff a7ea5e13282f866e9132bb0eb095245da0788a37 abcb1af09d6eb4cd696f7844dc4c02883d673fccfeeb2369ff588b84964d7d36 Loading...

	unknown	Function	1.2 kB	2023-10-14	2024-10-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-10-14 21:17 Last Seen2024-10-04 11:10 Times Seen7 Hash 668599afe078d88baef7897c9fe2340d 8f32e86afbc9f494173e13713f4966850af8dc02 e755c436148b4498ed6018333f3e378e5b8a53a131e65b25ccb31e3ecd8ed8c8 Loading...

	unknown	Function	164 B	2023-10-14	2024-10-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-10-14 21:17 Last Seen2024-10-04 11:10 Times Seen7 Hash 4bf0094e1cfe2d7b544f94b9e0c25d31 b38758b8897cba5a83b88b06e7517ddabf992199 068172176edae0044a3b9a4d8f72c9b0ba400381a470cc19a1326689511c638d Loading...

	unknown	Function	34 B	2023-04-11	2025-05-10
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16 Last Seen2025-05-10 10:49 Times Seen67027 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

HTTP Transactions (20)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js

104.17.25.14

200 OK

31 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hdtoday.cc/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65449)
Size
31 kB (30769 bytes)
Hash
17e942ea0854bd9dce2070bae6826937
434cdec1669f2c6c7406297a72120936bc56ed52
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26

HTTP Headers

GET /ajax/libs/vue/2.6.10/vue.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:05:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 30769
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402c-16deb"
last-modified: Mon, 04 May 2020 16:17:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 478066
expires: Wed, 20 Nov 2024 20:05:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIKRTSogJLIDtsZf%2FinCQ5GsUFhy4oMW%2Bh1A0yraHQe%2Be5oKdiY7ZOw0dHj5Q3Uynt%2BiYeRJr14TZkZOGvzLmLPxyPapkuIBoHy3TXwr1REAjA286DrAm93ZVeBhWqhU6zQYKnrG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82edf219cee8b4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.hdtoday.cc/xxrz/400x400/100/c4/93/c49337aa9c92d6fbf56b6b5830c6849c/c49337aa9c92d6fbf56b6b5830c6849c.png

104.21.43.73

200 OK

60 kB

URL GET HTTP/3
img.hdtoday.cc/xxrz/400x400/100/c4/93/c49337aa9c92d6fbf56b6b5830c6849c/c49337aa9c92d6fbf56b6b5830c6849c.png
IP
104.21.43.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjecthdtoday.cc
Fingerprint0D:A3:4E:60:77:29:6B:15:85:45:1F:67:19:F0:BC:28:06:A8:8C:B8
ValiditySat, 25 Nov 2023 08:26:12 GMT - Fri, 23 Feb 2024 08:26:11 GMT

File type
PNG image data, 400 x 125, 8-bit/color RGBA, interlaced\012- data
Size
60 kB (59975 bytes)
Hash
9f05cc961d9a0557b742f931001cb105
ca5d61aad72348b372a93098f8eb053f79011aaf
0aa0f8fe37240d47510d6f0c952c45c3fb9db038f0eed0bae80394da69690a24

HTTP Headers

GET /xxrz/400x400/100/c4/93/c49337aa9c92d6fbf56b6b5830c6849c/c49337aa9c92d6fbf56b6b5830c6849c.png HTTP/1.1
Host: img.hdtoday.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 20:05:34 GMT
content-type: image/png
content-length: 59975
last-modified: Wed, 08 Sep 2021 06:14:50 GMT
vary: Accept-Encoding
etag: W/"613854da-e83d"
x-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 7160
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eN%2B7Qkf1y0gwU84ZMyGokTvBk5IeErqZlv0rlaE7JF%2FsFH6HCAeiBM1r9Y5QOLefJGyr56UR9o%2FLDb6eiEvRDln7RHlMxdE%2BYlBYwv2wWQYhXi%2FCAg7TPSaflUyDI%2FDJ5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82edf219dec9b4f9-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

172.217.21.170

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 17:33:53 GMT
expires: Thu, 28 Nov 2024 17:33:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 181901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hdtoday.cc/

104.21.43.73

200 OK

0 B

URL User Request GET HTTP/2
hdtoday.cc/
IP
104.21.43.73:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjecthdtoday.cc
Fingerprint0D:A3:4E:60:77:29:6B:15:85:45:1F:67:19:F0:BC:28:06:A8:8C:B8
ValiditySat, 25 Nov 2023 08:26:12 GMT - Fri, 23 Feb 2024 08:26:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: hdtoday.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 20:05:34 GMT
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElLmVHLGwjJ2O9WTl9wkqbc7eUCqgyc0584kqP6zKbxnBKVoVvc34f8inO4hMZwsq7GMALu0NU%2BjfhvdDvzi3hPmohjjOiCO15WicJlZhWx9Lx0jj0a47eflWhtu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82edf21c5b45b4f9-OSL
alt-svc: h3=":443"; ma=86400

hdtoday.cc/images/group_1/theme_7/homesearch-bg.jpg

104.21.43.73

200 OK

28 kB

URL GET HTTP/3
hdtoday.cc/images/group_1/theme_7/homesearch-bg.jpg
IP
104.21.43.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjecthdtoday.cc
Fingerprint0D:A3:4E:60:77:29:6B:15:85:45:1F:67:19:F0:BC:28:06:A8:8C:B8
ValiditySat, 25 Nov 2023 08:26:12 GMT - Fri, 23 Feb 2024 08:26:11 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x500, components 3\012- data
Size
28 kB (27744 bytes)
Hash
4336249c7ccd31014f39e9aa9e546fa9
fe14cb1b1badd0ad003a2c2d645ab6b9a04663ab
3d8d5a0c528d10771b255a5f62abe96ec554b48f01e3263500119344e096ae43

HTTP Headers

GET /images/group_1/theme_7/homesearch-bg.jpg HTTP/1.1
Host: hdtoday.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/css/group_1/theme_7/home.css?v=0.3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 20:05:34 GMT
content-type: image/jpeg
content-length: 27744
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=2592000
last-modified: Wed, 15 Feb 2023 19:06:08 GMT
etag: W/"6c60-18656784818"
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 827324
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yneARbgxhCAAMrtY6%2FekIJCshuxGq7KqwXsEUDaPYADAxedwgmcH53ueKwrScaFYI5vpRgY4y2Cgw6nvwc09bxb4oO681H%2B6yndr9gDQQWD8cU9BH%2FvshvbQkYY9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82edf21cfc55b4f9-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hdtoday.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 07:29:35 GMT
expires: Fri, 29 Nov 2024 07:29:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 131759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hdtoday.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 168698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hdtoday.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 140880
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

whoursie.com/tag.min.js

139.45.197.237

200 OK

26 kB

URL GET HTTP/2
whoursie.com/tag.min.js
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://hdtoday.cc/
Certificate
IssuerLet's Encrypt
Subjectwhoursie.com
FingerprintE6:9B:BD:04:21:08:48:F2:96:91:7A:0D:C0:C3:20:3E:0F:43:04:22
ValidityThu, 30 Nov 2023 05:09:17 GMT - Wed, 28 Feb 2024 05:09:16 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25614 bytes)
Hash
2ca7439c7a9d90e8b23ea3f45c6d2855
1f852c2e988cbaa5f5f96aec20b7ec58ef319433
acde092db547676737a69286cd1b918234e57edcc641ca1d7a55bfca7f74815f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: whoursie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:05:34 GMT
content-type: text/javascript; charset=utf-8
content-length: 25614
content-encoding: br
x-trace-id: 1861eb3ac1f77cc9ac478b47329231f0
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 01 Dec 2023 17:29:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

104.18.10.207

200 OK

92 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (65324)
Size
92 kB (92184 bytes)
Hash
7cc40c199d128af6b01e74a28c5900b0
d305110fb79113a961394b433d851a3410342b8c
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

HTTP Headers

GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:05:34 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 10/31/2023 19:00:00
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: bae8a1587e900a782629330c8ed740ae
cdn-cache: HIT
cf-cache-status: HIT
age: 656780
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82edf219cc7a0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.hdtoday.cc/xxrz/100x100/100/ed/2a/ed2a7fa3244ddc585a0a0fdbaf835359/ed2a7fa3244ddc585a0a0fdbaf835359.png

104.21.43.73

200 OK

10 kB

URL GET HTTP/3
img.hdtoday.cc/xxrz/100x100/100/ed/2a/ed2a7fa3244ddc585a0a0fdbaf835359/ed2a7fa3244ddc585a0a0fdbaf835359.png
IP
104.21.43.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjecthdtoday.cc
Fingerprint0D:A3:4E:60:77:29:6B:15:85:45:1F:67:19:F0:BC:28:06:A8:8C:B8
ValiditySat, 25 Nov 2023 08:26:12 GMT - Fri, 23 Feb 2024 08:26:11 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, interlaced\012- data
Size
10 kB (10050 bytes)
Hash
0fe3396572db94f3d5cb83693fa92768
0e56e8f0f671e23ef985613cc8560b8229bc7624
27bff1b99ab02933f5aeb8d063677d44f7220b5a6ce9f9fb1420b68694a68d93

HTTP Headers

GET /xxrz/100x100/100/ed/2a/ed2a7fa3244ddc585a0a0fdbaf835359/ed2a7fa3244ddc585a0a0fdbaf835359.png HTTP/1.1
Host: img.hdtoday.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 20:05:35 GMT
content-type: image/png
content-length: 10050
last-modified: Wed, 08 Sep 2021 06:14:50 GMT
vary: Accept-Encoding
etag: W/"613854da-902e"
x-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3087
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMFdJANF7jk1pMn2UG4fVPa%2BhP6K80i20Www%2BNtQa0X7ZuPq8uj9RRjWrEzA7eD5E3WzCY2QyNEWMf3SUGuqH6PDLf80c8Cww10htLq1NP3eNT8BiLyPahX9BFV8wnQ1Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82edf2224bd6b4f9-OSL
alt-svc: h3=":443"; ma=86400

hdtoday.cc/ajax/verify?domain=hdtoday.cc

104.21.43.73

200 OK

15 B

URL GET HTTP/3
hdtoday.cc/ajax/verify?domain=hdtoday.cc
IP
104.21.43.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjecthdtoday.cc
Fingerprint0D:A3:4E:60:77:29:6B:15:85:45:1F:67:19:F0:BC:28:06:A8:8C:B8
ValiditySat, 25 Nov 2023 08:26:12 GMT - Fri, 23 Feb 2024 08:26:11 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

HTTP Headers

GET /ajax/verify?domain=hdtoday.cc HTTP/1.1
Host: hdtoday.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 20:05:35 GMT
content-type: application/json; charset=utf-8
content-length: 15
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
content-language: en
etag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FsMtUXwAY37Fof%2Bwiy4nl%2BlYBwINcsSfEl%2FYWeEdz1Pr5qRK%2BGEk5jJJEPn7PHitsdH%2BZh3GHBTbUK3TneGq7tS5SbNrjxgBr%2FOWc62tFBcZ%2BoAVKIYpq5DI%2FUz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82edf2224bd9b4f9-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,500,700

142.250.74.106

200 OK

8.5 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (8716), with no line terminators
Size
8.5 kB (8492 bytes)
Hash
1303310bf811cbabe52e473a56247b05
76a5d89fcefb4e769642a6636f439f3f03833429
ccc9d8c0b923b1470e8ddb0309ed98c9419fd7abb32ead3c0dcebbc30ea84778

HTTP Headers

GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 20:05:34 GMT
date: Fri, 01 Dec 2023 20:05:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.3.1/css/all.css

172.64.140.13

200 OK

49 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.3.1/css/all.css
IP
172.64.140.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hdtoday.cc/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (48464)
Size
49 kB (48649 bytes)
Hash
10519cfd3206802f58315b877a9beab5
03232d7095b4a14b88810a0ffe76ae50726c23c6
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

HTTP Headers

GET /releases/v5.3.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:05:34 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"10519cfd3206802f58315b877a9beab5"
last-modified: Fri, 22 Sep 2023 01:45:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 134870
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KFbaqmx%2BI8SfCn%2FWqDuKE0%2Fnw7xRca%2B1TQrAhfsjYC1%2Fqgd3%2FwXtjGHV0LhKwMrw3sYUNjlbM9uVZQB%2BFfdx%2FOh%2FYO2BCwqcdTnMrAQRRJphduojHhp2fV6WvhCqaH9j8zYQs11"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82edf21affb96558-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hdtoday.cc/css/group_1/theme_7/home.css?v=0.3

104.21.43.73

200 OK

6.8 kB

URL GET HTTP/3
hdtoday.cc/css/group_1/theme_7/home.css?v=0.3
IP
104.21.43.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjecthdtoday.cc
Fingerprint0D:A3:4E:60:77:29:6B:15:85:45:1F:67:19:F0:BC:28:06:A8:8C:B8
ValiditySat, 25 Nov 2023 08:26:12 GMT - Fri, 23 Feb 2024 08:26:11 GMT

File type
ASCII text, with very long lines (6876), with no line terminators
Size
6.8 kB (6780 bytes)
Hash
51e2ea22c5ea34181e3b8b313aacc544
d0d01c50d8ffb7ae81c003b7f3edabc576c84e1e
dc08cc04a2cde4a150b7735c2fdc06beb4ba24c68ba464185facfa91fedb1996

HTTP Headers

GET /css/group_1/theme_7/home.css?v=0.3 HTTP/1.1
Host: hdtoday.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Dec 2023 20:05:34 GMT
content-type: text/css; charset=UTF-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=2592000
last-modified: Wed, 15 Feb 2023 19:06:08 GMT
etag: W/"1a7c-186567847f6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 297322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpXwFdUNMGVDlsM8o8DM19JFhY0yWbGzS8jHPhPuSmzmP99XlY5fKpFCDoWuxFw6q6t6KwimLcGUvhEh%2BrWmI3NL%2BreaSmHK45epJ0xjcW6%2BphCXYDPepwPukDoo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82edf219ae4fb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

whoursie.com/5/5631176/?oo=1&aab=1

139.45.197.237

200 OK

2.8 kB

URL GET HTTP/2
whoursie.com/5/5631176/?oo=1&aab=1
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://hdtoday.cc/
Certificate
IssuerLet's Encrypt
Subjectwhoursie.com
FingerprintE6:9B:BD:04:21:08:48:F2:96:91:7A:0D:C0:C3:20:3E:0F:43:04:22
ValidityThu, 30 Nov 2023 05:09:17 GMT - Wed, 28 Feb 2024 05:09:16 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3007), with no line terminators
Size
2.8 kB (2767 bytes)
Hash
7b5dd7f5fb981eaff946704a94412950
3f448263022077d38bbcba6ca3e7045f2113c420
84a35941012758403669b0937fb87cd9e48108ea84116c59b583952cb5769189

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/5631176/?oo=1&aab=1 HTTP/1.1
Host: whoursie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdtoday.cc
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 20:05:34 GMT
content-type: application/json
x-trace-id: c1c92f158078b8e8bfc9651853ff5074
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://hdtoday.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=4ed9542d52bb44688db229571cffc3d2; expires=Sat, 30 Nov 2024 20:05:34 GMT; path=/; secure; SameSite=None
oaidts=1701461134; expires=Sat, 30 Nov 2024 20:05:34 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

hdtoday.cc/ajax/login-state

104.21.43.73

200 OK

291 B

URL GET HTTP/3
hdtoday.cc/ajax/login-state
IP
104.21.43.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjecthdtoday.cc
Fingerprint0D:A3:4E:60:77:29:6B:15:85:45:1F:67:19:F0:BC:28:06:A8:8C:B8
ValiditySat, 25 Nov 2023 08:26:12 GMT - Fri, 23 Feb 2024 08:26:11 GMT

File type
HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (328), with no line terminators
Size
291 B (291 bytes)
Hash
a2cbfe314aad90eb1495a55f9b17eaa3
23be0c8498d2dad4b2f53c9b2bfcf66cef553e35
3c92def4fba947fc346a7b10b49c94cb9b20d23522d9fea4306d736f58540049

HTTP Headers

GET /ajax/login-state HTTP/1.1
Host: hdtoday.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Dec 2023 20:05:35 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
content-language: en
etag: W/"123-PAQXid/TKA5MRawKtUmEVbPbJ/M"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gBWay%2B5jwswOx6n8gHXX4kR6Ys0BmkBbXTY4BWMJqvTDSapntYl%2FA4XfJebHuCcBYZB%2By4lMAGvuIQcA5KDchXcQ%2B8rlXnM8JyoFvBIyL%2BLjc%2F%2Bidk3EMxksgHf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82edf2224bd7b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.10.207

200 OK

51 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:05:34 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"67176c242e1bdc20603c878dee836df3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 10/31/2023 18:58:40
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b4cfe8e30360f11c0ed964a925f5154c
cdn-cache: HIT
cf-cache-status: HIT
age: 408826
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82edf219dc7f0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hdtoday.cc/js/group_1/app.min.js?v=6.3

104.21.43.73

200 OK

28 kB

URL GET HTTP/3
hdtoday.cc/js/group_1/app.min.js?v=6.3
IP
104.21.43.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hdtoday.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjecthdtoday.cc
Fingerprint0D:A3:4E:60:77:29:6B:15:85:45:1F:67:19:F0:BC:28:06:A8:8C:B8
ValiditySat, 25 Nov 2023 08:26:12 GMT - Fri, 23 Feb 2024 08:26:11 GMT

File type
ASCII text, with very long lines (27615), with no line terminators
Size
28 kB (27615 bytes)
Hash
6de46a7fa9c8a9bf98dc4722f4723db0
9db905f1924b05d14f28adcf0d923e3042980690
6b2da9a037c78cfb5c0347bc234babb63abfe0f15dc755fdb0e092a572bd0a09

HTTP Headers

GET /js/group_1/app.min.js?v=6.3 HTTP/1.1
Host: hdtoday.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdtoday.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Dec 2023 20:05:34 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0, 1; mode=block
cache-control: public, max-age=2592000
last-modified: Wed, 29 Nov 2023 04:35:57 GMT
etag: W/"6bdf-18c195cbfae"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 66334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuKlP9CKJDkisPdcxVOHXtb02ol5igxB42XTAFYMfYzxbH63g%2BnTetQozCM7jTAWO5c%2BFovZ4dZo%2B2BGOnGkao%2FONbxqQoX0N2YAPjUO48QdJu5Ew2C9ukuzNFqx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82edf219be67b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2

172.64.140.13

200 OK

67 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
IP
172.64.140.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hdtoday.cc/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 67400, version 1.0\012- data
Size
67 kB (67400 bytes)
Hash
14a08198ec7d1eb96d515362293fed36
965d78c34637d1bdab6277805faecb6caa959669
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

HTTP Headers

GET /releases/v5.3.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hdtoday.cc
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 20:05:34 GMT
content-type: font/woff2
content-length: 67400
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "14a08198ec7d1eb96d515362293fed36"
last-modified: Fri, 22 Sep 2023 01:45:31 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 732001
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDnOoV5f5QI%2BKFx8630lJ35SfNUvC%2F28UURK8SLZx5w3DfrFa1b%2BIYOSz%2BJbLLW9l%2FjnPO8a6XDzVtcj%2FWsEBTzgWcjMm2hBv8pYGzjUVLdH8AlUY2CWca81f%2BLSFcOsBOKBA4hx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82edf21d9fd652ab-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash