| belongedenemy.com/watch.249491121108.js?dev=r&key=8a300a7361ac6873953c273c44fbd672&kw=[%22fox%22,%22sports%22,%22-%22,%22ar%22,%22%C2%BB%22,%22mhdtv%22,%22sports%22]&refer=https://mhdsport.com/tv/fox-sports-ar/&res=14.31&tz=2&uuid= | 172.240.253.132 | 307 Temporary Redirect | 0 B |
URL: User Request, GET HTTP/1.1, belongedenemy.com/watch.249491121108.js?dev=r&key=8a300a7361ac6873953c273c44fbd672&kw=[%22fox%22,%22sports%22,%22-%22,%22ar%22,%22%C2%BB%22,%22mhdtv%22,%22sports%22]&refer=https://mhdsport.com/tv/fox-sports-ar/&res=14.31&tz=2&uuid=
IP: 172.240.253.132:443
Certificate: Issuer Let's Encrypt; Subject belongedenemy.com; Fingerprint 1D:22:55:32:18:99:69:96:5D:C0:1E:E6:F7:3E:F2:EA:2F:06:72:AA; Validity Tue, 23 Apr 2024 10:53:14 GMT - Mon, 22 Jul 2024 10:53:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.249491121108.js?dev=r&key=8a300a7361ac6873953c273c44fbd672&kw=[%22fox%22,%22sports%22,%22-%22,%22ar%22,%22%C2%BB%22,%22mhdtv%22,%22sports%22]&refer=https://mhdsport.com/tv/fox-sports-ar/&res=14.31&tz=2&uuid= HTTP/1.1
Host: belongedenemy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 27 Apr 2024 00:41:04 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mhdsport.com/tv/fox-sports-ar/
Access-Control-Allow-Origin: https://mhdsport.com/tv/fox-sports-ar/
Access-Control-Allow-Credentials: true
Location: https://belongedenemy.com/watch.249491121108.js?dev=r&key=8a300a7361ac6873953c273c44fbd672&kw=%5B%22fox%22%2C%22sports%22%2C%22-%22%2C%22ar%22%2C%22%C2%BB%22%2C%22mhdtv%22%2C%22sports%22%5D&pst=1714178524&refer=https%3A%2F%2Fmhdsport.com%2Ftv%2Ffox-sports-ar%2F&res=14.31&rmtc=t&shu=e6c0da0a02468120f004561503019a16b8cad0071cf8f6715112f32268dca88cf1c3fea257a7a7267111d89e14fcf793d3a16c5be17089ca4e2b317e81f5683e43d1c447444ff878b6a58ff291aa812fdead6e3821655db3544aa55c7be0a42925&tz=2&uuid=
Set-Cookie: u_pl=23018116; expires=Sun, 28 Apr 2024 00:41:04 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.AUoRrRX47SP7LaHwXHQe7kRQW1Nuv5gZjo4Y9d0UO34; expires=Sat, 27 Apr 2024 00:42:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 356bdd5d1a21f9b1cb60f8274655179f
Strict-Transport-Security: max-age=0; includeSubdomains
|
| belongedenemy.com/watch.249491121108.js?dev=r&key=8a300a7361ac6873953c273c44fbd672&kw=%5B%22fox%22%2C%22sports%22%2C%22-%22%2C%22ar%22%2C%22%C2%BB%22%2C%22mhdtv%22%2C%22sports%22%5D&pst=1714178524&refer=https%3A%2F%2Fmhdsport.com%2Ftv%2Ffox-sports-ar%2F&res=14.31&rmtc=t&shu=e6c0da0a02468120f004561503019a16b8cad0071cf8f6715112f32268dca88cf1c3fea257a7a7267111d89e14fcf793d3a16c5be17089ca4e2b317e81f5683e43d1c447444ff878b6a58ff291aa812fdead6e3821655db3544aa55c7be0a42925&tz=2&uuid= | 172.240.253.132 | 200 OK | 2.1 kB |
URL: User Request, GET HTTP/1.1, belongedenemy.com/watch.249491121108.js?dev=r&key=8a300a7361ac6873953c273c44fbd672&kw=%5B%22fox%22%2C%22sports%22%2C%22-%22%2C%22ar%22%2C%22%C2%BB%22%2C%22mhdtv%22%2C%22sports%22%5D&pst=1714178524&refer=https%3A%2F%2Fmhdsport.com%2Ftv%2Ffox-sports-ar%2F&res=14.31&rmtc=t&shu=e6c0da0a02468120f004561503019a16b8cad0071cf8f6715112f32268dca88cf1c3fea257a7a7267111d89e14fcf793d3a16c5be17089ca4e2b317e81f5683e43d1c447444ff878b6a58ff291aa812fdead6e3821655db3544aa55c7be0a42925&tz=2&uuid=
IP: 172.240.253.132:443
Certificate: Issuer Let's Encrypt; Subject belongedenemy.com; Fingerprint 1D:22:55:32:18:99:69:96:5D:C0:1E:E6:F7:3E:F2:EA:2F:06:72:AA; Validity Tue, 23 Apr 2024 10:53:14 GMT - Mon, 22 Jul 2024 10:53:13 GMT
File type: JavaScript source, ASCII text, with very long lines (2629)
Hash: a906820d5aea30cff289be6ecf8f564e 9606f3107702f706f549068f5a349e1d233c9cee 78b9fa0f46512f6a8cc40ac0fa6be8bb52bdc78479825505ecf47eb1647bb38f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.249491121108.js?dev=r&key=8a300a7361ac6873953c273c44fbd672&kw=%5B%22fox%22%2C%22sports%22%2C%22-%22%2C%22ar%22%2C%22%C2%BB%22%2C%22mhdtv%22%2C%22sports%22%5D&pst=1714178524&refer=https%3A%2F%2Fmhdsport.com%2Ftv%2Ffox-sports-ar%2F&res=14.31&rmtc=t&shu=e6c0da0a02468120f004561503019a16b8cad0071cf8f6715112f32268dca88cf1c3fea257a7a7267111d89e14fcf793d3a16c5be17089ca4e2b317e81f5683e43d1c447444ff878b6a58ff291aa812fdead6e3821655db3544aa55c7be0a42925&tz=2&uuid= HTTP/1.1
Host: belongedenemy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl=23018116; ain=eyJhbGciOiJIUzI1NiJ9.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.AUoRrRX47SP7LaHwXHQe7kRQW1Nuv5gZjo4Y9d0UO34
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 27 Apr 2024 00:41:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mhdsport.com/tv/fox-sports-ar/
Access-Control-Allow-Origin: https://mhdsport.com/tv/fox-sports-ar/
Access-Control-Allow-Credentials: true
Set-Cookie: iprc3a095d0ad485f53454dbe8df0ea284e4=3569806; expires=Sat, 27 Apr 2024 04:41:04 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 28 Apr 2024 00:41:04 GMT; secure; SameSite=None
uncs=1; expires=Sun, 28 Apr 2024 00:41:04 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 28 Apr 2024 00:41:04 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 28 Apr 2024 00:41:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a4a1fcb6c1ffce11af16a9f842842404
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
| belongedenemy.com/favicon.ico | 172.240.253.132 | 200 OK | 0 B |
URL: GET HTTP/1.1, belongedenemy.com/favicon.ico
IP: 172.240.253.132:443
Requested by: https://belongedenemy.com/watch.249491121108.js?dev=r&key=8a300a7361ac6873953c273c44fbd672&kw=%5B%22fox%22%2C%22sports%22%2C%22-%22%2C%22ar%22%2C%22%C2%BB%22%2C%22mhdtv%22%2C%22sports%22%5D&pst=1714178524&refer=https%3A%2F%2Fmhdsport.com%2Ftv%2Ffox-sports-ar%2F&res=14.31&rmtc=t&shu=e6c0da0a02468120f004561503019a16b8cad0071cf8f6715112f32268dca88cf1c3fea257a7a7267111d89e14fcf793d3a16c5be17089ca4e2b317e81f5683e43d1c447444ff878b6a58ff291aa812fdead6e3821655db3544aa55c7be0a42925&tz=2&uuid=
Certificate: Issuer Let's Encrypt; Subject belongedenemy.com; Fingerprint 1D:22:55:32:18:99:69:96:5D:C0:1E:E6:F7:3E:F2:EA:2F:06:72:AA; Validity Tue, 23 Apr 2024 10:53:14 GMT - Mon, 22 Jul 2024 10:53:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: belongedenemy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://belongedenemy.com/watch.249491121108.js?dev=r&key=8a300a7361ac6873953c273c44fbd672&kw=%5B%22fox%22%2C%22sports%22%2C%22-%22%2C%22ar%22%2C%22%C2%BB%22%2C%22mhdtv%22%2C%22sports%22%5D&pst=1714178524&refer=https%3A%2F%2Fmhdsport.com%2Ftv%2Ffox-sports-ar%2F&res=14.31&rmtc=t&shu=e6c0da0a02468120f004561503019a16b8cad0071cf8f6715112f32268dca88cf1c3fea257a7a7267111d89e14fcf793d3a16c5be17089ca4e2b317e81f5683e43d1c447444ff878b6a58ff291aa812fdead6e3821655db3544aa55c7be0a42925&tz=2&uuid=
Cookie: u_pl=23018116; ain=eyJhbGciOiJIUzI1NiJ9.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.AUoRrRX47SP7LaHwXHQe7kRQW1Nuv5gZjo4Y9d0UO34; iprc3a095d0ad485f53454dbe8df0ea284e4=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 27 Apr 2024 00:41:05 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 13c85fa2738133cb323ecfa966759f24
Strict-Transport-Security: max-age=0; includeSubdomains
|
| cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png | 45.133.44.10 | 200 OK | 144 kB |
URL: GET HTTP/2, cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP: 45.133.44.10:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://belongedenemy.com/watch.249491121108.js?dev=r&key=8a300a7361ac6873953c273c44fbd672&kw=%5B%22fox%22%2C%22sports%22%2C%22-%22%2C%22ar%22%2C%22%C2%BB%22%2C%22mhdtv%22%2C%22sports%22%5D&pst=1714178524&refer=https%3A%2F%2Fmhdsport.com%2Ftv%2Ffox-sports-ar%2F&res=14.31&rmtc=t&shu=e6c0da0a02468120f004561503019a16b8cad0071cf8f6715112f32268dca88cf1c3fea257a7a7267111d89e14fcf793d3a16c5be17089ca4e2b317e81f5683e43d1c447444ff878b6a58ff291aa812fdead6e3821655db3544aa55c7be0a42925&tz=2&uuid=
Certificate: Issuer Let's Encrypt; Subject cdn.cloudimagesb.com; Fingerprint C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size: 144 kB (144379 bytes)
Hash: 33c304429dc1a4408a96e6a74ffa2feb c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04 dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://belongedenemy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 Apr 2024 00:41:05 GMT
content-type: image/png
content-length: 144379
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Mon, 29 Apr 2024 00:41:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|