Report - xtremehdiptv.org/

Report Overview

Visitedpublic

2025-07-13 14:11:27

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
xtremehdiptv.org	584821	2021-04-13	2021-04-20	2025-06-27	5.3 kB	227 kB	104.26.2.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-07-13	medium	xtremehdiptv.org	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	xtremehdiptv.org/	ScriptElement	3.2 kB	2025-06-27	2025-07-13
URL xtremehdiptv.org/ IP / ASN 104.26.2.27 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2025-06-27 Last Seen 2025-07-13 Times Seen 2 Size 3.2 kB (3240 bytes) MD5 da47f0b4342e3f3ff962b3ce9ef36c11 SHA1 b7b742cf19f532e7066d74cb7c6c9d5b04ed28fa SHA256 942ffb9d3a05edcff22df3e22314ddb384d19baf8da7ae9e2c500f6ec62dbed7 Format Code Loading...

	about:blank	ScriptElement	236 B	2025-07-13	2025-07-13
URL about:blank IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2025-07-13 Last Seen 2025-07-13 Times Seen 1 Size 236 B (236 bytes) MD5 824545d71997ba15e9dd623e9977b5aa SHA1 9e4ae4d0a6f7c5867a32d135f327301a77185807 SHA256 a4fd8db90969f991148f0f045cb17748261c8d1ae605a1b25dfa60dcf092e2f3 Format Code Loading...

	xtremehdiptv.org/	ScriptElement	761 B	2025-06-27	2025-07-13
URL xtremehdiptv.org/ IP / ASN 104.26.2.27 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2025-06-27 Last Seen 2025-07-13 Times Seen 2 Size 761 B (761 bytes) MD5 8f2ea21a9868febd35c90a524b40b096 SHA1 fe3273719ec870b43a4dc3cc5f760daddd9f29f7 SHA256 5b7ae7092f422226f0c9db371cc557772230d5959128acbb424f96d9e411d5a3 Format Code Loading...

	xtremehdiptv.org/	ScriptElement	921 B	2025-07-13	2025-07-13
URL xtremehdiptv.org/ IP / ASN 104.26.2.27 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2025-07-13 Last Seen 2025-07-13 Times Seen 1 Size 921 B (921 bytes) MD5 ffe8b3349256cad19489c147eb493adc SHA1 28aa4226d7ad89788a5028b56cb9687d9fb95e39 SHA256 4bca8483373918eaac89a2c4b75da2283c324029593481d65ba7e94e8543dcde Format Code Loading...

	xtremehdiptv.org/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1	ScriptElement	19 kB	2025-04-03	2025-08-09
URL xtremehdiptv.org/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1 IP / ASN 104.26.2.27 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2025-04-03 Last Seen 2025-08-09 Times Seen 33236 Size 19 kB (19264 bytes) MD5 1dafa7fe14b33c26fef9b0e5ba0c8e72 SHA1 62f67cdac55d89c43570bf0c338f4edf548b14e1 SHA256 50cc1a0490008ec62ca8b581fa9cdcfb2eda2d36a08ccbeb1f004da599e9cc61 Format Code Loading...

	xtremehdiptv.org/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	10 kB	2025-07-13	2025-07-13
URL xtremehdiptv.org/cdn-cgi/challenge-platform/scripts/jsd/main.js IP / ASN 104.26.2.27 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2025-07-13 Last Seen 2025-07-13 Times Seen 2 Size 10 kB (10044 bytes) MD5 2e526dd69be93b3d3939686293a4c64f SHA1 2fad62360abee0314d9853c8f0874f3b65baf4ac SHA256 be0c94c9014ae970eeb3d9d1dc2a25f85f14b434f768e871b180bdb833d1ec57 Format Code Loading...

HTTP Transactions (11)

URL IP Response Size

GET xtremehdiptv.org/

104.26.2.27

200 OK

21 kB

URL User Request GET HTTPS

xtremehdiptv.org/

IP / ASN

104.26.2.27

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (10901)

First Seen2025-07-13

Last Seen2025-07-13

Times Seen1

Size21 kB (20646 bytes)

MD5761a0efd42477d6a89561541adbe5f52

SHA18187e7024d9cf52f53b23b616a1e2f0205e52415

SHA2562d2aa6482b4d676db6fadbb5213218173d7ff395663c9832b73ef0de2e4a0301

Certificate Info

IssuerGoogle Trust Services

Subjectxtremehdiptv.org

Fingerprint59:98:FC:53:32:34:B4:16:06:58:AF:5A:1B:CD:AF:B4:1A:6F:8B:7E

ValidityMon, 19 May 2025 00:25:52 GMT - Sun, 17 Aug 2025 01:25:48 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: xtremehdiptv.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 13 Jul 2025 14:11:03 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
link: <https://xtremehdiptv.org/wp-json/>; rel="https://api.w.org/", <https://xtremehdiptv.org/wp-json/wp/v2/pages/3016>; rel="alternate"; title="JSON"; type="application/json", <https://xtremehdiptv.org/>; rel=shortlink
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ftcl6s2KVHCzjilJegS9pt4J1xL7pRVGJIK1U7MuJnnnXYjlJ2R03u4NiB0RPBSayEGC7%2F%2BpXf1oo5eler%2Brr9gGQJAcLrVJKkk7KRJhtDcI0gLC11HWhR7ztWZbvAEo24Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 95e95e079905b4f3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5695&min_rtt=425&rtt_var=10526&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3213&recv_bytes=1126&delivery_rate=7757142&cwnd=250&unsent_bytes=0&cid=a3cc36cd2825aef7&ts=544&x=0"
X-Firefox-Spdy: h2

GET xtremehdiptv.org/wp-content/themes/hello-elementor/assets/css/theme.css?ver=3.4.4

104.26.2.27

200 OK

5.1 kB

URL GET HTTPS

xtremehdiptv.org/wp-content/themes/hello-elementor/assets/css/theme.css?ver=3.4.4

IP / ASN

104.26.2.27

#13335 CLOUDFLARENET

Requested byhttps://xtremehdiptv.org/

Resource Info

File typeUnicode text, UTF-8 text, with very long lines (5092)

First Seen2025-06-08

Last Seen2025-08-09

Times Seen1779

Size5.1 kB (5097 bytes)

MD5a480d2bf8c523da1c15b272e519f33f2

SHA1385993a72c83ebbf0e0db1ed05112d35bfdaf22b

SHA2569a7cfe03ec7638180859c5cd93ed18a75c0b4519c01849e2b6b2e2c90a0dea2f

Certificate Info

IssuerGoogle Trust Services

Subjectxtremehdiptv.org

Fingerprint59:98:FC:53:32:34:B4:16:06:58:AF:5A:1B:CD:AF:B4:1A:6F:8B:7E

ValidityMon, 19 May 2025 00:25:52 GMT - Sun, 17 Aug 2025 01:25:48 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/hello-elementor/assets/css/theme.css?ver=3.4.4 HTTP/1.1
Host: xtremehdiptv.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtremehdiptv.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 14:11:03 GMT
content-type: text/css
content-encoding: br
last-modified: Sun, 13 Jul 2025 12:22:15 GMT
cf-cache-status: HIT
age: 2293
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rAEzrSeGMvDMZLV5MO2%2BnM6CYspYszFfpKJL%2B4QfFG5zupf%2FIIriEEsFP9NaRzQHU%2F8C09L4vUuSXhsTgiprnDehrd%2FI7QL15riZsIUvFlkQWR9HEOBj9Y8czRzxaHroCUk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 95e95e0c8f5a0afa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10586&min_rtt=1856&rtt_var=8347&sent=15&recv=9&lost=0&retrans=0&sent_bytes=6609&recv_bytes=2343&delivery_rate=1312211&cwnd=12000&unsent_bytes=0&cid=062ab958f1496795&ts=273&x=1", cfExtPri, cfHdrFlush;dur=0

GET xtremehdiptv.org/wp-content/themes/hello-elementor/assets/css/header-footer.css?ver=3.4.4

104.26.2.27

200 OK

7.2 kB

URL GET HTTPS

xtremehdiptv.org/wp-content/themes/hello-elementor/assets/css/header-footer.css?ver=3.4.4

IP / ASN

104.26.2.27

#13335 CLOUDFLARENET

Requested byhttps://xtremehdiptv.org/

Resource Info

File typeUnicode text, UTF-8 text, with very long lines (7179)

First Seen2025-04-10

Last Seen2025-08-09

Times Seen1804

Size7.2 kB (7182 bytes)

MD586dbb47955bb9db9c74abc72efb0c6f6

SHA166e008f8d28438934133a914efc7a40bd9fbad5e

SHA2565052c28c33de995612b9c064753ee989d1e7755027e2b80292148728f444ec8d

Certificate Info

IssuerGoogle Trust Services

Subjectxtremehdiptv.org

Fingerprint59:98:FC:53:32:34:B4:16:06:58:AF:5A:1B:CD:AF:B4:1A:6F:8B:7E

ValidityMon, 19 May 2025 00:25:52 GMT - Sun, 17 Aug 2025 01:25:48 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/hello-elementor/assets/css/header-footer.css?ver=3.4.4 HTTP/1.1
Host: xtremehdiptv.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtremehdiptv.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 14:11:03 GMT
content-type: text/css
content-encoding: br
last-modified: Sun, 13 Jul 2025 12:22:15 GMT
cf-cache-status: HIT
age: 2292
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8s0ZjBnZn0V5U3PFlZXf9UboKAo6z66rUuy4AA9szuquohsC7YpMmPZatDRElijcXelFV%2B9ttUBzrYiRbUMYKwGZH%2B6BwOK9quhLv79xmq5WhCUsOHCcOgFDqTnEKCZYHmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 95e95e0c8f5c0afa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10586&min_rtt=1856&rtt_var=8347&sent=18&recv=9&lost=0&retrans=0&sent_bytes=8575&recv_bytes=2343&delivery_rate=1312211&cwnd=12000&unsent_bytes=0&cid=062ab958f1496795&ts=275&x=1", cfExtPri, cfHdrFlush;dur=0

GET xtremehdiptv.org/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1

104.26.2.27

200 OK

19 kB

URL GET HTTPS

xtremehdiptv.org/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1

IP / ASN

104.26.2.27

#13335 CLOUDFLARENET

Requested byhttps://xtremehdiptv.org/

Resource Info

File typeJavaScript source, ASCII text, with very long lines (16290)

First Seen2025-04-03

Last Seen2025-08-09

Times Seen33236

Size19 kB (19264 bytes)

MD51dafa7fe14b33c26fef9b0e5ba0c8e72

SHA162f67cdac55d89c43570bf0c338f4edf548b14e1

SHA25650cc1a0490008ec62ca8b581fa9cdcfb2eda2d36a08ccbeb1f004da599e9cc61

Certificate Info

IssuerGoogle Trust Services

Subjectxtremehdiptv.org

Fingerprint59:98:FC:53:32:34:B4:16:06:58:AF:5A:1B:CD:AF:B4:1A:6F:8B:7E

ValidityMon, 19 May 2025 00:25:52 GMT - Sun, 17 Aug 2025 01:25:48 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.8.1 HTTP/1.1
Host: xtremehdiptv.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtremehdiptv.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 14:11:03 GMT
content-type: application/x-javascript
content-length: 5166
cf-ray: 95e95e0d68250afa-OSL
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Wed, 16 Apr 2025 12:32:07 GMT
etag: "4b40-632e4792a1fc0-gzip"
cache-control: max-age=31536000
expires: Mon, 13 Jul 2026 06:33:38 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
cf-cache-status: HIT
age: 27445
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AD%2BTgHbihNKAzw3WGz%2BpajdOyVv8ZkSB%2BKaq%2FsT1TKR8iDLcFdIEWpQDIM1fj%2F1wzOIiN7c1VS3wsbEAqBRKPPanowiF7Lpo8r7qBC%2FZOWK2kKyEKzfEF9cCWgrZYffpaRw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6532&min_rtt=1733&rtt_var=6043&sent=43&recv=18&lost=0&retrans=0&sent_bytes=31802&recv_bytes=3416&delivery_rate=2581664&cwnd=20400&unsent_bytes=0&cid=062ab958f1496795&ts=392&x=1", cfExtPri, cfHdrFlush;dur=0

GET xtremehdiptv.org/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1

104.26.2.27

200 OK

116 kB

URL GET HTTPS

xtremehdiptv.org/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1

IP / ASN

104.26.2.27

#13335 CLOUDFLARENET

Requested byhttps://xtremehdiptv.org/

Resource Info

File typeASCII text, with very long lines (55654)

First Seen2025-04-15

Last Seen2025-08-09

Times Seen25947

Size116 kB (116363 bytes)

MD5dfe67cbbac3da53fdbbaed71c91db428

SHA18c82643ef63a8389c1b800b7c5d0af9d684b8b24

SHA256597ddfdee7171750c16ec5aafd392cf992e9c53386d6bb6061d48e30334f09e9

Certificate Info

IssuerGoogle Trust Services

Subjectxtremehdiptv.org

Fingerprint59:98:FC:53:32:34:B4:16:06:58:AF:5A:1B:CD:AF:B4:1A:6F:8B:7E

ValidityMon, 19 May 2025 00:25:52 GMT - Sun, 17 Aug 2025 01:25:48 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.8.1 HTTP/1.1
Host: xtremehdiptv.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtremehdiptv.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 14:11:03 GMT
content-type: text/css
content-encoding: br
last-modified: Wed, 16 Apr 2025 12:32:07 GMT
cf-cache-status: HIT
age: 2292
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ym6Nt9H40HdjwpvJSVjRYlk6Hgxa9F168jPamjhXrtczOmKctF5Lhdig3JkV0ZfoFx8igD6ODdkrhlrzpZU5mrNXEuQfVToiAS6PWUyqJKUk63ofPktUUxCKFE2LrVJgVM4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 95e95e0c8f550afa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9966&min_rtt=1856&rtt_var=7500&sent=20&recv=10&lost=0&retrans=0&sent_bytes=10672&recv_bytes=2387&delivery_rate=1312211&cwnd=12000&unsent_bytes=0&cid=062ab958f1496795&ts=276&x=1", cfExtPri, cfHdrFlush;dur=0

GET xtremehdiptv.org/wp-content/themes/hello-elementor/assets/css/reset.css?ver=3.4.4

104.26.2.27

200 OK

5.5 kB

URL GET HTTPS

xtremehdiptv.org/wp-content/themes/hello-elementor/assets/css/reset.css?ver=3.4.4

IP / ASN

104.26.2.27

#13335 CLOUDFLARENET

Requested byhttps://xtremehdiptv.org/

Resource Info

File typeASCII text, with very long lines (5455)

First Seen2025-06-08

Last Seen2025-08-09

Times Seen1787

Size5.5 kB (5456 bytes)

MD5af4b9638d69957103dc5ea259563873e

SHA11d048e10f67e855fcef131c910f5e46972181596

SHA2562f01a854a759c0a6a6911634e4ae5283b86a054908e4587c1fd17561fe4ce3cf

Certificate Info

IssuerGoogle Trust Services

Subjectxtremehdiptv.org

Fingerprint59:98:FC:53:32:34:B4:16:06:58:AF:5A:1B:CD:AF:B4:1A:6F:8B:7E

ValidityMon, 19 May 2025 00:25:52 GMT - Sun, 17 Aug 2025 01:25:48 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/hello-elementor/assets/css/reset.css?ver=3.4.4 HTTP/1.1
Host: xtremehdiptv.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtremehdiptv.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 14:11:03 GMT
content-type: text/css
content-encoding: br
last-modified: Sun, 13 Jul 2025 12:22:15 GMT
cf-cache-status: HIT
age: 2292
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qee9ZBDHsqpTaBRpJVRtFIKS%2FRLhN%2Bk6bpTrxsVw2pytz%2Fa%2BW42XHLrwQ3iJxh%2FYBUeVUqjyInzbudYH%2FxdJuFw%2Bz2L04oLw0VcvZzUmgErqn%2FeAMEJiiuoxaevMhHKXBSQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 95e95e0c8f580afa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11827&min_rtt=1856&rtt_var=7818&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4123&recv_bytes=2300&delivery_rate=343144&cwnd=12000&unsent_bytes=0&cid=062ab958f1496795&ts=269&x=1", cfExtPri, cfHdrFlush;dur=0

GET xtremehdiptv.org/wp-content/themes/HD%20IPTV/style.css?ver=2.0.0

104.26.2.27

200 OK

22 kB

URL GET HTTPS

xtremehdiptv.org/wp-content/themes/HD%20IPTV/style.css?ver=2.0.0

IP / ASN

104.26.2.27

#13335 CLOUDFLARENET

Requested byhttps://xtremehdiptv.org/

Resource Info

File typeASCII text, with very long lines (591)

First Seen2025-07-13

Last Seen2025-07-13

Times Seen1

Size22 kB (21997 bytes)

MD5eba6175ee61bf90a4b62fc6cb7c07070

SHA1544ee7a4907950a93728a34c1d972ca8011e8d43

SHA2560fa30cf3f7d42394b4e5c4ccefafd31383ce1a59639026113fdc39122f11e44e

Certificate Info

IssuerGoogle Trust Services

Subjectxtremehdiptv.org

Fingerprint59:98:FC:53:32:34:B4:16:06:58:AF:5A:1B:CD:AF:B4:1A:6F:8B:7E

ValidityMon, 19 May 2025 00:25:52 GMT - Sun, 17 Aug 2025 01:25:48 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/HD%20IPTV/style.css?ver=2.0.0 HTTP/1.1
Host: xtremehdiptv.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtremehdiptv.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 14:11:03 GMT
content-type: text/css
content-encoding: br
last-modified: Mon, 20 Nov 2023 20:02:33 GMT
cf-cache-status: HIT
age: 2293
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nwk561vy3R%2BNnXOXZt0Eh1a8BpcGvu1TCxDyY%2BEmYFvxqRp1CAgrHcmbQFNwyJrmlEi5bH3YkUw72HbJZB%2BSvsnmb0FdkchXA8er00mrMMdHjJEWuaa5gd6BdEC0wpgAy%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 95e95e0c8f5e0afa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7217&min_rtt=1761&rtt_var=6229&sent=35&recv=14&lost=0&retrans=0&sent_bytes=27273&recv_bytes=2560&delivery_rate=1467822&cwnd=20400&unsent_bytes=0&cid=062ab958f1496795&ts=283&x=1", cfExtPri, cfHdrFlush;dur=0

GET xtremehdiptv.org/favicon.ico

104.26.2.27

404 Not Found

315 B

URL GET HTTPS

xtremehdiptv.org/favicon.ico

IP / ASN

104.26.2.27

#13335 CLOUDFLARENET

Requested byhttps://xtremehdiptv.org/

Resource Info

File typeHTML document, ASCII text

First Seen2023-03-07

Last Seen2025-08-09

Times Seen97544

Size315 B (315 bytes)

MD5a34ac19f4afae63adc5d2f7bc970c07f

SHA1a82190fc530c265aa40a045c21770d967f4767b8

SHA256d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Certificate Info

IssuerGoogle Trust Services

Subjectxtremehdiptv.org

Fingerprint59:98:FC:53:32:34:B4:16:06:58:AF:5A:1B:CD:AF:B4:1A:6F:8B:7E

ValidityMon, 19 May 2025 00:25:52 GMT - Sun, 17 Aug 2025 01:25:48 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xtremehdiptv.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xtremehdiptv.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 13 Jul 2025 14:11:04 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
cf-cache-status: MISS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=co1vo85SwfK0Vd4R%2BLvAlPseLYdqH9sSjCiClwFFvbuamGUeOhzdIBL6l700WLzE3IUYMaltOsoRpFgJUDBuLBdI8n5CtosXn7ju%2F5020nuH9xwmdFSMmPCPcSY3XzKncAk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 95e95e0d48150afa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5278&min_rtt=1445&rtt_var=4526&sent=56&recv=22&lost=0&retrans=0&sent_bytes=44194&recv_bytes=3814&delivery_rate=3818996&cwnd=20400&unsent_bytes=0&cid=062ab958f1496795&ts=566&x=1", cfExtPri, cfHdrFlush;dur=0

GET xtremehdiptv.org/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.26.2.27

302 Found

10 kB

URL GET HTTPS

xtremehdiptv.org/cdn-cgi/challenge-platform/scripts/jsd/main.js

IP / ASN

104.26.2.27

#13335 CLOUDFLARENET

Requested byhttps://xtremehdiptv.org/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-09

Times Seen5738355

Size10 kB (10044 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectxtremehdiptv.org

Fingerprint59:98:FC:53:32:34:B4:16:06:58:AF:5A:1B:CD:AF:B4:1A:6F:8B:7E

ValidityMon, 19 May 2025 00:25:52 GMT - Sun, 17 Aug 2025 01:25:48 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: xtremehdiptv.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Sun, 13 Jul 2025 14:11:03 GMT
content-length: 0
cf-ray: 95e95e0d68270afa-OSL
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/01a6b50f61fd/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsIIJjsB5pF7fw1qN2zBj6TMLitqa35dRBN%2BvCDg4i%2FaESXozOicaB02t%2FrvLfX5oEHy0VZyHefYAvZFmyBa8F4djnty%2Fj2vz9WLBzBpN1fWttGHKDEkg%2FcXYkqZEENhU5s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6532&min_rtt=1733&rtt_var=6043&sent=49&recv=18&lost=0&retrans=0&sent_bytes=37920&recv_bytes=3416&delivery_rate=2581664&cwnd=20400&unsent_bytes=0&cid=062ab958f1496795&ts=397&x=1", cfExtPri, cfHdrFlush;dur=0

GET xtremehdiptv.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/01a6b50f61fd/main.js?

104.26.2.27

200 OK

10 kB

URL GET HTTPS

xtremehdiptv.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/01a6b50f61fd/main.js?

IP / ASN

104.26.2.27

#13335 CLOUDFLARENET

Requested byhttps://xtremehdiptv.org/

Resource Info

File typeJavaScript source, ASCII text, with very long lines (10044), with no line terminators

First Seen2025-07-13

Last Seen2025-07-13

Times Seen2

Size10 kB (10044 bytes)

MD52e526dd69be93b3d3939686293a4c64f

SHA12fad62360abee0314d9853c8f0874f3b65baf4ac

SHA256be0c94c9014ae970eeb3d9d1dc2a25f85f14b434f768e871b180bdb833d1ec57

Certificate Info

IssuerGoogle Trust Services

Subjectxtremehdiptv.org

Fingerprint59:98:FC:53:32:34:B4:16:06:58:AF:5A:1B:CD:AF:B4:1A:6F:8B:7E

ValidityMon, 19 May 2025 00:25:52 GMT - Sun, 17 Aug 2025 01:25:48 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/01a6b50f61fd/main.js? HTTP/1.1
Host: xtremehdiptv.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 14:11:03 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IgFfF0BUF04pk%2BhyCx%2F7tbXTBRTY4zbZTEtdy4E7h3NySvjAIkWd4GMIKqerkazvpLeA5dZoSyenoEGjvs7iZNnDLO%2F9P244%2FNNzCTX8Qen22HjDQjZHUAKiSMM1igmQXYQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 95e95e0d987d0afa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5826&min_rtt=1733&rtt_var=4575&sent=51&recv=21&lost=0&retrans=0&sent_bytes=38675&recv_bytes=3771&delivery_rate=2581664&cwnd=20400&unsent_bytes=0&cid=062ab958f1496795&ts=424&x=1", cfExtPri, cfHdrFlush;dur=0

POST xtremehdiptv.org/cdn-cgi/challenge-platform/h/g/jsd/r/0.5292031177987881:1752412607:RBDk-vKyyVRW56Wl_XuMm-qMZ2BUZoFP7AMXh19q10I/95e95e079905b4f3

104.26.2.27

200 OK

0 B

URL POST HTTPS

xtremehdiptv.org/cdn-cgi/challenge-platform/h/g/jsd/r/0.5292031177987881:1752412607:RBDk-vKyyVRW56Wl_XuMm-qMZ2BUZoFP7AMXh19q10I/95e95e079905b4f3

IP / ASN

104.26.2.27

#13335 CLOUDFLARENET

Requested byhttps://xtremehdiptv.org/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-09

Times Seen5738355

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectxtremehdiptv.org

Fingerprint59:98:FC:53:32:34:B4:16:06:58:AF:5A:1B:CD:AF:B4:1A:6F:8B:7E

ValidityMon, 19 May 2025 00:25:52 GMT - Sun, 17 Aug 2025 01:25:48 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/0.5292031177987881:1752412607:RBDk-vKyyVRW56Wl_XuMm-qMZ2BUZoFP7AMXh19q10I/95e95e079905b4f3 HTTP/1.1
Host: xtremehdiptv.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 12077
Origin: https://xtremehdiptv.org
DNT: 1
Connection: keep-alive
Referer: https://xtremehdiptv.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 13 Jul 2025 14:11:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
cf-ray: 95e95e0ed9850afa-OSL
set-cookie: cf_clearance=4z.J54YGuT_KKZ2LBKx.jjA3yuJkMp2cXBn4eZXgBLQ-1752415864-1.2.1.1-NyaLdpTCoQiZPGqUpLNDDOMldWjlOuMfc3itbN506F5QmG9TsGaB3470uIf1ANB7qw8.teRpR8qNgU55X1Gi9PtKu7.u9zGt2B_ketvs9Jg09LrYVhJlbtrkf5U0cbd4q21PFQPRtXFyZELChbErsi_ecFqgd9O_BWbjDjjfRCtEt8JU9.hSURgQeswMNKbaCIRNyICYDWyJ567Ok29c.SG.mwcteeUVQ.eDNsV6U54; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=xtremehdiptv.org; Expires=Mon, 13 Jul 2026 14:11:04 GMT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPBiqBX5S5x6CejTo%2Btb9BjQ1wp%2FrLf%2ByjWNeZL8GxJaNxyCVlml2Wh67Mr32pFlzcaWKT5xW82pEjeIbuZ018Vj9nWZuDFl%2BjOKXSPSmmWpFelv%2FGK8xw6qUn6E2XMr7k0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4800&min_rtt=1445&rtt_var=4351&sent=64&recv=33&lost=0&retrans=0&sent_bytes=45257&recv_bytes=16699&delivery_rate=3818996&cwnd=20400&unsent_bytes=0&cid=062ab958f1496795&ts=668&x=1", cfExtPri, cfHdrFlush;dur=0