Report - www.hdtodaytv.tv/

Report Overview

Visited public
2025-06-15 18:54:09
Tags
Submit Tags
URL
www.hdtodaytv.tv/
Finishing URL
ww1.hdtodaytv.tv/
IP / ASN
104.21.80.1
#13335 CLOUDFLARENET
Title
HDToday.tv - Watch Movies Online for Free on HDToday

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
experttrafficcounter.com	unknown	2025-01-23	2025-01-24	2025-06-13	898 B	850 B	52.58.19.254
cdn.show-sb.com	unknown	2024-08-20	2024-08-31	2025-06-14	498 B	2.1 kB	172.67.170.115
invadedisheartentrail.com	unknown	2024-09-01	2024-10-22	2025-06-09	6.2 kB	4.1 kB	172.240.108.76
cdn.creative-stat1.com	unknown	2024-08-20	2024-08-27	2025-06-12	2.3 kB	172 kB	188.114.97.1
ww1.hdtodaytv.tv	unknown	2022-09-27	2025-06-15	2025-06-15	2.9 kB	124 kB	104.21.16.1
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-09-13	2025-06-12	461 B	16 kB	45.133.44.2
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2025-06-13	429 B	377 B	185.196.197.71
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-11	2.8 kB	205 kB	142.250.74.35
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2025-06-11	445 B	88 kB	142.250.74.42
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-04-05	2025-06-11	467 B	160 kB	104.18.10.207
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-06-11	441 B	95 kB	104.17.24.14
jeopardizegrowled.com	unknown	2025-04-01	2025-06-12	2025-06-12	1.4 kB	179 kB	192.243.59.20
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-11	887 B	40 kB	142.250.74.10
unseenreport.com	unknown	2022-03-30	2022-03-30	2025-06-13	1.5 kB	992 B	192.243.59.20
www.hdtodaytv.tv	unknown	2022-09-27	2022-11-15	2023-09-04	485 B	11 kB	104.21.16.1
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2025-06-11	448 B	52 kB	104.18.10.207
recordedthereby.com	unknown	2024-05-08	2024-05-08	2025-06-09	830 B	172 kB	185.196.197.71
shotgunchancecruel.com	unknown	2024-08-20	2025-01-25	2025-06-09	503 B	499 B	172.240.108.68
use.fontawesome.com	942	2012-10-18	2017-01-30	2025-06-11	988 B	118 kB	172.67.142.245

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-15	medium	jeopardizegrowled.com	Sinkholed
2025-06-15	medium	invadedisheartentrail.com	Sinkholed
2025-06-15	medium	recordedthereby.com	Sinkholed
2025-06-15	medium	recordedthereby.com	Sinkholed
2025-06-15	medium	invadedisheartentrail.com	Sinkholed
2025-06-15	medium	jeopardizegrowled.com	Sinkholed
2025-06-15	medium	invadedisheartentrail.com	Sinkholed
2025-06-15	medium	invadedisheartentrail.com	Sinkholed
2025-06-15	medium	unseenreport.com	Sinkholed
2025-06-15	medium	invadedisheartentrail.com	Sinkholed
2025-06-15	medium	invadedisheartentrail.com	Sinkholed
2025-06-15	medium	capaciousdrewreligion.com	Sinkholed
2025-06-15	medium	unseenreport.com	Sinkholed
2025-06-15	medium	invadedisheartentrail.com	Sinkholed
2025-06-15	medium	jeopardizegrowled.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	From	Size	First Seen	Last Seen
	ww1.hdtodaytv.tv/	ScriptElement	283 B	2025-06-15	2025-06-15
Pretty URL ww1.hdtodaytv.tv/ IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-15 18:54 Last Seen2025-06-15 18:54 Times Seen1 Hash 656e0f8c08b4332f217f145c4e71ffb4 09aecd0f1b641724af8e4dd212ee52eb6512834c 1fda3fe961c588e6e36001656c0f71aacab5d401d14b402095ae751408629912 Loading...

	jeopardizegrowled.com/67/71/e3/6771e34291259a02d8a420e4280edbdf.js	ScriptElement	65 kB	2025-06-15	2025-06-15
Pretty URL jeopardizegrowled.com/67/71/e3/6771e34291259a02d8a420e4280edbdf.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-15 18:54 Last Seen2025-06-15 18:54 Times Seen1 Hash d6e52fed16e23c0c5cf6a1fe49b72dcf e63efc84b309229502e19c3ea4dbde8789c58ea3 ff2ec10788f0905f0d0e867f365701e2bf559a28675d7f949466772a4e30f0b3 Loading...

	ww1.hdtodaytv.tv/	ScriptElement	718 B	2025-06-15	2025-06-15
Pretty URL ww1.hdtodaytv.tv/ IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-15 18:54 Last Seen2025-06-15 18:54 Times Seen1 Hash 49d99d0f0138751b9db2b16b72de6e4e f63b942861cf9e68d9093203c07581ee9ae77a52 978d1d6de3f2562a8e8a6532c3ef364f69379c49c6d9709650d589b115f0bc8c Loading...

	jeopardizegrowled.com/0d/b9/46/0db946e2fa3a3c48010c295c1cd7c006.js	ScriptElement	104 kB	2025-06-15	2025-06-15
Pretty URL jeopardizegrowled.com/0d/b9/46/0db946e2fa3a3c48010c295c1cd7c006.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-15 18:54 Last Seen2025-06-15 18:54 Times Seen1 Hash 6180b0b30473560aa8c2e55deec4456e eed89d7d09618794384b8ae10a3d763f17818959 886c2fa8e47ffccba8e236894f2cceaa70d5e00374a163d44aae8384d183b635 Loading...

	about:blank	ScriptElement	1.3 kB	2025-06-15	2025-06-15
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-15 18:54 Last Seen2025-06-15 18:54 Times Seen1 Hash db8a1d4abe7b148c3876440d52529095 9a0ceb9d012776fadcb9b4ec1c316211eb775885 a93152037bd9f5f6e686192decdcb9f3f847cfd6f8b08a8d2b7f13406fcc4fbf Loading...

	ww1.hdtodaytv.tv/static/js/group_1/app.min.js	ScriptElement	3.4 kB	2025-03-09	2025-06-15
Pretty URL ww1.hdtodaytv.tv/static/js/group_1/app.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-09 03:32 Last Seen2025-06-15 18:54 Times Seen2 Hash 807da2fa01a7586abfd25641ed97b476 166c22b9ab7b8c0799216fd884d417998815781c df236884a2bc43da086e76a522c2984bbac59df6071042f84536f4f645318c2c Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-06-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-27 05:05 Times Seen62047 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js	ScriptElement	94 kB	2023-03-07	2025-06-27
Pretty URL cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-06-27 03:19 Times Seen1859 Hash 17e942ea0854bd9dce2070bae6826937 434cdec1669f2c6c7406297a72120936bc56ed52 72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-06-27
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-27 04:54 Times Seen103317 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	ww1.hdtodaytv.tv/	ScriptElement	428 B	2025-03-09	2025-06-15
Pretty URL ww1.hdtodaytv.tv/ IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-09 03:32 Last Seen2025-06-15 18:54 Times Seen2 Hash 6ef3d5a96335ac49ba95f5e327dede27 18cbdb1ede5710b94351b3ebe3da7fea2972d4fb 3a783a958023ef21e82b69bc3ef32b106638f021c34f5b00ec8f4f0668c927e4 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2025-01-25	2025-06-27
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 09:25 Last Seen2025-06-27 04:21 Times Seen2202 Hash 108625937affa4b38bb17cea65510d72 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2025-01-25	2025-06-27
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-25 09:25 Last Seen2025-06-27 04:21 Times Seen2202 Hash 108625937affa4b38bb17cea65510d72 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0 Loading...

	cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-06-27
Pretty URL cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-27 03:29 Times Seen8042 Hash 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Loading...

HTTP Transactions (45)

URL IP Response Size

GET jeopardizegrowled.com/sbar.json?key=6771e34291259a02d8a420e4280edbdf&uuid=81fcec2e-57e5-4efc-8650-ec0266468bf8%3A2%3A1

192.243.59.20

200 OK

6.5 kB

URL GET
jeopardizegrowled.com/sbar.json?key=6771e34291259a02d8a420e4280edbdf&uuid=81fcec2e-57e5-4efc-8650-ec0266468bf8%3A2%3A1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectjeopardizegrowled.com
FingerprintC1:28:03:C3:45:E5:E6:9E:6E:4E:F2:71:E2:D5:D8:62:4F:B0:EF:11
ValiditySat, 31 May 2025 22:10:02 GMT - Fri, 29 Aug 2025 22:10:01 GMT

File type
JSON text data
Size
6.5 kB (6466 bytes)
Hash
b2ace544ee0cd888a80ef15ffaba2b53
9c7122fecf00ab560cf1a832de6c9e43612f2123
2e590aac092f59f7b031059af80d3e2a4d3534d927fb72a0f92d0e8149e9a11d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=6771e34291259a02d8a420e4280edbdf&uuid=81fcec2e-57e5-4efc-8650-ec0266468bf8%3A2%3A1 HTTP/1.1
Host: jeopardizegrowled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jun 2025 18:53:49 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://ww1.hdtodaytv.tv
Access-Control-Allow-Origin: https://ww1.hdtodaytv.tv
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=81fcec2e-57e5-4efc-8650-ec0266468bf8:2:1; expires=Sun, 22 Jun 2025 18:53:48 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 16 Jun 2025 18:53:49 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 16 Jun 2025 18:53:49 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Mon, 16 Jun 2025 18:53:49 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Mon, 16 Jun 2025 18:53:49 GMT; path=/; secure; SameSite=None
u_pl22421921=1; expires=Mon, 16 Jun 2025 18:53:49 GMT; path=/; secure; SameSite=None
Host: jeopardizegrowled.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7bda9567f289f085e10797811a40ed5e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=500

172.240.108.76

200 OK

0 B

URL GET
invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=500
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=500 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Jun 2025 18:53:49 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/css/animate.css

188.114.97.1

200 OK

79 kB

URL GET
cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/css/animate.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintEA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
ValidityWed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT

File type
ASCII text
Size
79 kB (78689 bytes)
Hash
3d4123dbfb33d27a5cfdfcfa91df6783
e7d0eeeec54b848f0bc3da8685fa3bc88429d660
cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Jun 2025 18:53:49 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"65aa84fe-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 526566
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=klCk9ycuq2tRZqLzKdLt78ewydg2EyIUNikNafmo%2BByCvqiiJQV9%2B2tQuKrKhCUaIqKNAEXg9fIXiKANX8LPlacFTd8b3J1JASSSCX%2FhWVhqF8qU"}]}
cf-ray: 950445c21c8bb505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/css/style.css

188.114.97.1

200 OK

3.4 kB

URL GET
cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/css/style.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintEA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
ValidityWed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT

File type
ASCII text
Size
3.4 kB (3355 bytes)
Hash
039a6734d79ed9aa51cf81c52479c5fe
9cf29c4ea1a3880681d50c7228374f8073b7778b
a15bad73fc8907795285b78a4a1a1bf5e7f68b4d39988b9bb165444819cf9eb1

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Jun 2025 18:53:49 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"65aa84fe-d1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 526566
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Pdz2A%2FElV89HlzCDG%2BdnVPWXZginGwZpW0O8eJG1kB3VxUACJH%2BsJj3F7%2FfRQJHMvz1stlWYydt98%2FzSerCEnElN3qKUINFsuPnGeHj2cA1BUjV2"}]}
cf-ray: 950445c1fc4fb505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:38:52 GMT
expires: Wed, 10 Jun 2026 02:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
age: 490496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
ValidityMon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85380 bytes)
Hash
108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Jun 2025 18:53:48 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ba014b266a411150eed0f0060fd93e4c
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
ValidityMon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85380 bytes)
Hash
108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Jun 2025 18:53:48 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e4946de784a6dcad9b4b840ceef61fb3
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET ww1.hdtodaytv.tv/static/images/ed2a7fa3244ddc585a0a0fdbaf835359.png

104.21.16.1

200 OK

10 kB

URL GET
ww1.hdtodaytv.tv/static/images/ed2a7fa3244ddc585a0a0fdbaf835359.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjecthdtodaytv.tv
Fingerprint5F:73:FD:75:C0:82:70:41:72:6B:5F:4D:A5:90:89:9F:64:B5:D1:B0
ValidityTue, 06 May 2025 13:35:53 GMT - Mon, 04 Aug 2025 14:34:13 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, interlaced
Size
10 kB (10050 bytes)
Hash
0fe3396572db94f3d5cb83693fa92768
0e56e8f0f671e23ef985613cc8560b8229bc7624
27bff1b99ab02933f5aeb8d063677d44f7220b5a6ce9f9fb1420b68694a68d93

HTTP Headers

GET /static/images/ed2a7fa3244ddc585a0a0fdbaf835359.png HTTP/1.1
Host: ww1.hdtodaytv.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=b44bd997-74f1-47be-904e-40533e5a2e7b%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 15 Jun 2025 18:53:48 GMT
content-type: image/png
content-length: 10050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tlaakif93pnkElZ2bTICPWSjq%2FVNM0W2u6i%2BdKqoIA54YCaEbjlTpKu79IoawjGDwscsUgTdyfvLxLpv8e2yn2sd%2FDZHCpnFJei3b33TQELtP0xDLUP8cPLttU%2Br7AI0qnYP"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 02 Nov 2022 01:47:19 GMT
etag: "6361cc27-2742"
expires: Mon, 23 Jun 2025 14:05:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 1918185
cf-cache-status: HIT
cf-ray: 950445bb2f1b56bd-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4067&min_rtt=1280&rtt_var=2317&sent=113&recv=37&lost=0&retrans=0&sent_bytes=100430&recv_bytes=3728&delivery_rate=6232636&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=36600&unsent_bytes=0&cid=1f3a5c8be4256507&ts=1717&inflight_dur=64&x=80"

GET cdn.storageimagedisplay.com/si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png

45.133.44.2

200 OK

16 kB

URL GET
cdn.storageimagedisplay.com/si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
Fingerprint7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
ValiditySun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
16 kB (16093 bytes)
Hash
14cf262fabfd850855c42847d14fe775
2fafa28f167f018a0fb1f261f47380c8810803c9
972004ebada4077c3a4d03dcb45175ea467faf54da72be727a1c5c75e688b8af

HTTP Headers

GET /si/07/9c/1b/079c1b9b48633e3ef398faef0739f24f/1701651986.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Jun 2025 18:53:49 GMT
content-type: image/png
content-length: 16093
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:06:35 GMT
etag: "656d261b-3edd"
expires: Tue, 17 Jun 2025 18:53:49 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET invadedisheartentrail.com/pixel/sbs?c=1

192.243.61.225

200 OK

0 B

URL GET
invadedisheartentrail.com/pixel/sbs?c=1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Jun 2025 18:53:50 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET ww1.hdtodaytv.tv/static/images/group_1/theme_7/homesearch-bg.jpg

104.21.16.1

200 OK

28 kB

URL GET
ww1.hdtodaytv.tv/static/images/group_1/theme_7/homesearch-bg.jpg
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjecthdtodaytv.tv
Fingerprint5F:73:FD:75:C0:82:70:41:72:6B:5F:4D:A5:90:89:9F:64:B5:D1:B0
ValidityTue, 06 May 2025 13:35:53 GMT - Mon, 04 Aug 2025 14:34:13 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x500, components 3
Size
28 kB (27744 bytes)
Hash
4336249c7ccd31014f39e9aa9e546fa9
fe14cb1b1badd0ad003a2c2d645ab6b9a04663ab
3d8d5a0c528d10771b255a5f62abe96ec554b48f01e3263500119344e096ae43

HTTP Headers

GET /static/images/group_1/theme_7/homesearch-bg.jpg HTTP/1.1
Host: ww1.hdtodaytv.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/static/css/group_1/theme_7/home.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 15 Jun 2025 18:53:48 GMT
content-type: image/jpeg
content-length: 27744
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgYFxMro1QB1aOC37qi1QOM%2Bx4GbmAB0S3Aux7gmsA8WWeFlNBs5GEgl7lxJGrCrf%2BkGdhLw9X%2B8JYFITzBbyZdwnzJbIIRHmc21jqVkHBf1xh%2By1S30BDnrp8%2Fa5zvscETm"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 02 Nov 2022 01:47:19 GMT
etag: "6361cc27-6c60"
expires: Mon, 23 Jun 2025 14:01:46 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 1918428
cf-cache-status: HIT
cf-ray: 950445b72ef856bd-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4155&min_rtt=1280&rtt_var=2854&sent=87&recv=35&lost=0&retrans=0&sent_bytes=71282&recv_bytes=3313&delivery_rate=3546887&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=36600&unsent_bytes=0&cid=1f3a5c8be4256507&ts=1108&inflight_dur=59&x=80"

GET ww1.hdtodaytv.tv/static/css/group_1/theme_7/home.css

104.21.16.1

200 OK

6.8 kB

URL GET
ww1.hdtodaytv.tv/static/css/group_1/theme_7/home.css
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjecthdtodaytv.tv
Fingerprint5F:73:FD:75:C0:82:70:41:72:6B:5F:4D:A5:90:89:9F:64:B5:D1:B0
ValidityTue, 06 May 2025 13:35:53 GMT - Mon, 04 Aug 2025 14:34:13 GMT

File type
ASCII text
Size
6.8 kB (6780 bytes)
Hash
ea41f6fdaa1025ab2a311cd8d10b36e3
0e5b39aaa2c095274847805f094dcde3c3bce415
efc74b09fe250a7cf003b0d8c7515b3d8a3c1264fbf92cf68145cdd43ecb7b1c

HTTP Headers

GET /static/css/group_1/theme_7/home.css HTTP/1.1
Host: ww1.hdtodaytv.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 15 Jun 2025 18:53:47 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guC3aw1bHnteilQpVjfdMW6zadIUMEF2MYt7%2FmpY%2FCV%2FkXUSqFEXJ2p16l%2FKTPMdjtvzz%2F711GiV6ZEQB9mlQSZ2NdO%2Bw1TuQ5QmamqszkrXF888ktHAc%2BkGL7Na70wdN556"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 02 Nov 2022 01:47:19 GMT
vary: Accept-Encoding
etag: "6361cc27-1a7c"
expires: Sun, 15 Jun 2025 23:58:14 GMT
cache-control: max-age=43200
content-encoding: gzip
age: 25069
cf-cache-status: HIT
cf-ray: 950445b4dee656bd-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3187&min_rtt=1280&rtt_var=1945&sent=59&recv=32&lost=0&retrans=0&sent_bytes=40432&recv_bytes=2890&delivery_rate=1749183&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=22200&unsent_bytes=0&cid=1f3a5c8be4256507&ts=729&inflight_dur=41&x=80"

GET jeopardizegrowled.com/67/71/e3/6771e34291259a02d8a420e4280edbdf.js

192.243.59.20

200 OK

65 kB

URL GET
jeopardizegrowled.com/67/71/e3/6771e34291259a02d8a420e4280edbdf.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectjeopardizegrowled.com
FingerprintC1:28:03:C3:45:E5:E6:9E:6E:4E:F2:71:E2:D5:D8:62:4F:B0:EF:11
ValiditySat, 31 May 2025 22:10:02 GMT - Fri, 29 Aug 2025 22:10:01 GMT

File type
JavaScript source, ASCII text, with very long lines (64944), with no line terminators
Size
65 kB (64944 bytes)
Hash
d6e52fed16e23c0c5cf6a1fe49b72dcf
e63efc84b309229502e19c3ea4dbde8789c58ea3
ff2ec10788f0905f0d0e867f365701e2bf559a28675d7f949466772a4e30f0b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /67/71/e3/6771e34291259a02d8a420e4280edbdf.js HTTP/1.1
Host: jeopardizegrowled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jun 2025 18:53:48 GMT
Content-Type: application/javascript
Content-Length: 23626
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: jeopardizegrowled.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ff54a2d122e5d96d0b18408d38245bcb
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET fonts.googleapis.com/css?family=Roboto:300,400,500,700

142.250.74.10

200 OK

22 kB

URL GET
fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
ASCII text, with very long lines (1572)
Size
22 kB (21548 bytes)
Hash
4791d8a2829a22ec64e1fd7670293439
479d5b7c5251d838e7df450937dd3d3cffecbed3
f9999ca6444676034aa54b340341ac128a35b911349bc08bb5aea45faf7ed575

HTTP Headers

GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Jun 2025 18:53:47 GMT
date: Sun, 15 Jun 2025 18:53:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=98

172.240.108.76

200 OK

0 B

URL GET
invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=98
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=98 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Jun 2025 18:53:49 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=116

172.240.108.76

200 OK

0 B

URL GET
invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=116
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=116 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Jun 2025 18:53:50 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.10

200 OK

17 kB

URL GET
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
ASCII text, with very long lines (1572)
Size
17 kB (16755 bytes)
Hash
e9d2e14beb088f37fae98294940a9dcd
1dafc3c55550249c8c2d782d5616c7b445c8e005
f2e491cc46d3fcba81f729065d622bd722751d4a2e7f80b479aa64a92c17b5c7

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Jun 2025 18:53:49 GMT
date: Sun, 15 Jun 2025 18:53:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js

188.114.97.1

200 OK

84 kB

URL GET
cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintEA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
ValidityWed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32025)
Size
84 kB (84380 bytes)
Hash
4a356126b9573eb7bd1e9a7494737410
8258d046f17dd3c15a5d3984e1868b7b5d1db329
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 15 Jun 2025 18:53:49 GMT
content-type: application/javascript
content-length: 84380
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: "65aa84fe-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 526858
cf-cache-status: HIT
priority: u=3,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ACIhUeiMTTOM2G4jmUdei7rujVfz1Jz%2BjS5Fy1wo0WYwzRwHi7Xx2FICWF1IBTQVWCfXwaUw6kdw1l32xbaJ7cnUUTB65GSIfMqWrCg8O7wH752g"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 950445c29d1656a8-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET shotgunchancecruel.com/pixel/purst?dl=0&th=0&sc=0&rs=1521&rd=1521&fd=593&bv=25.5.2579&tmpl=70

172.240.108.68

200 OK

0 B

URL GET
shotgunchancecruel.com/pixel/purst?dl=0&th=0&sc=0&rs=1521&rd=1521&fd=593&bv=25.5.2579&tmpl=70
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectshotgunchancecruel.com
Fingerprint57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
ValiditySun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1521&rd=1521&fd=593&bv=25.5.2579&tmpl=70 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Jun 2025 18:53:48 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET unseenreport.com/pxf.gif?uuid=b44bd997-74f1-47be-904e-40533e5a2e7b&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=6771e34291259a02d8a420e4280edbdf&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.59.20

200 OK

0 B

URL GET
unseenreport.com/pxf.gif?uuid=b44bd997-74f1-47be-904e-40533e5a2e7b&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=6771e34291259a02d8a420e4280edbdf&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint70:62:DC:6C:0A:F4:AA:56:4E:74:DC:EF:DA:CC:60:5A:C4:34:CE:F2
ValiditySat, 17 May 2025 22:34:21 GMT - Fri, 15 Aug 2025 22:34:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=b44bd997-74f1-47be-904e-40533e5a2e7b&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=6771e34291259a02d8a420e4280edbdf&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jun 2025 18:53:49 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: f3ee1f12fa22c03cc04fc3154ffcf3d4
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET invadedisheartentrail.com/ren.gif?sid=H4sIAAAAAAAC_1RST4scxRuu3uR3yuGHQeJBhBY8KLiT7p6e3hlzCMYkGsw_kpiIHqS6q3q3nJquTlV19-54WQxIwMsEBD32PLPJagxRP0BAZgUPC4LtaQ7ZS76BAY8iszuw-h7e9-1-3iqe56n3i3GxR0IUdHb1khoKKenJTstzX78lMqYq416-4fpeyzvl3hJZFJ5y1-dJl2_57bDlveG-y5O-Ohl4vuf5nu-eF5qnav3kPgqRP-r5rZ7XCoOW3wmxrv_7bQoHhjpg5R45DsGa_z9LP4ZIpsgGP57lpm9V_ua5QSGpVRol2_4g62eqyjA4bFPtIM22F9NQpiHkmyWobHuhAKrcmitALBqydOIp4mx7QRNxef-AaSzBM8TsGKpyCi6nEHSKRN2BYL8TIGG4fAXZ4MFlpSu6cYDSOdqQo389h6gacvTpi8gGj89Ise5eV7KwQmUG62kNsT6FWJ0iL3Zgh0sQ1Q4S-zkE-414Lx1DNnj4nipF3y257kOw2WtdP014EvDlzgrvLIc8TZa7Ucdb5okXRFEYdeO0u2-USKeQfARqllAYB4VwUKQOitzBgM3c0OuGiU_bUdpjyYoX0jBkPPZ63cDzaC9ZQZHMVYxg8xESOUKiN5HrTfTFvYaQ50-gi59h1moY5sBYgpLVqDhBZQgqSlAJgsoSVGV9n0kTmPoBk6aI_UUNFrVdT5RdHdP7yq7yjIDqETSrt0R-29xBYo9MhqlhEzVPNLb1hMasHud75IW5y87NV8fo85kbraz4vB0GPT_o9KgXsC4NA4-HQdfjLGYpjKghzBKocTAUDYk-vI1cNOR_X_-NmO7AyB0kwgEtXgGtatC1GsPs0RqzitENW7ZsCaZq5PYo7IYzlnvk5f13_uizL8GT3dPP2vuBRNfIdY1PxS8Eq_Lu5JqqyNY1VRny05XcioEY0vkOXLfU8iMP3-cbldLswlkz-u7tZA7M20c3uLEXacZEtmrI92cEY1yfVzrh5MkFc4vHVwuzdqbQWZFfvPrO-QuDXHNjhMqmoKIhzp8aiWjI8V9n-_vdXv4EQk-hixqDYpcsAkJNkeSbMPkhf6MItDyciXMHVVFPdBAf_pSiIZe--haS757-YVOeo49vgsY1DP_XwcN-oun8BirqsbmLVe2A2jvIBjVKXaOUNagcwRRHJjbXu6f_WFCJpTOJpXa2YqnlvQOrjZi5nSBuR91uxNOIpW3WDtqs1_F4L6S9KOyFHVjTrF058eSfAAAA___Mp1iZxQQAAA==

172.240.108.76

200 OK

0 B

URL GET
invadedisheartentrail.com/ren.gif?sid=H4sIAAAAAAAC_1RST4scxRuu3uR3yuGHQeJBhBY8KLiT7p6e3hlzCMYkGsw_kpiIHqS6q3q3nJquTlV19-54WQxIwMsEBD32PLPJagxRP0BAZgUPC4LtaQ7ZS76BAY8iszuw-h7e9-1-3iqe56n3i3GxR0IUdHb1khoKKenJTstzX78lMqYq416-4fpeyzvl3hJZFJ5y1-dJl2_57bDlveG-y5O-Ohl4vuf5nu-eF5qnav3kPgqRP-r5rZ7XCoOW3wmxrv_7bQoHhjpg5R45DsGa_z9LP4ZIpsgGP57lpm9V_ua5QSGpVRol2_4g62eqyjA4bFPtIM22F9NQpiHkmyWobHuhAKrcmitALBqydOIp4mx7QRNxef-AaSzBM8TsGKpyCi6nEHSKRN2BYL8TIGG4fAXZ4MFlpSu6cYDSOdqQo389h6gacvTpi8gGj89Ise5eV7KwQmUG62kNsT6FWJ0iL3Zgh0sQ1Q4S-zkE-414Lx1DNnj4nipF3y257kOw2WtdP014EvDlzgrvLIc8TZa7Ucdb5okXRFEYdeO0u2-USKeQfARqllAYB4VwUKQOitzBgM3c0OuGiU_bUdpjyYoX0jBkPPZ63cDzaC9ZQZHMVYxg8xESOUKiN5HrTfTFvYaQ50-gi59h1moY5sBYgpLVqDhBZQgqSlAJgsoSVGV9n0kTmPoBk6aI_UUNFrVdT5RdHdP7yq7yjIDqETSrt0R-29xBYo9MhqlhEzVPNLb1hMasHud75IW5y87NV8fo85kbraz4vB0GPT_o9KgXsC4NA4-HQdfjLGYpjKghzBKocTAUDYk-vI1cNOR_X_-NmO7AyB0kwgEtXgGtatC1GsPs0RqzitENW7ZsCaZq5PYo7IYzlnvk5f13_uizL8GT3dPP2vuBRNfIdY1PxS8Eq_Lu5JqqyNY1VRny05XcioEY0vkOXLfU8iMP3-cbldLswlkz-u7tZA7M20c3uLEXacZEtmrI92cEY1yfVzrh5MkFc4vHVwuzdqbQWZFfvPrO-QuDXHNjhMqmoKIhzp8aiWjI8V9n-_vdXv4EQk-hixqDYpcsAkJNkeSbMPkhf6MItDyciXMHVVFPdBAf_pSiIZe--haS757-YVOeo49vgsY1DP_XwcN-oun8BirqsbmLVe2A2jvIBjVKXaOUNagcwRRHJjbXu6f_WFCJpTOJpXa2YqnlvQOrjZi5nSBuR91uxNOIpW3WDtqs1_F4L6S9KOyFHVjTrF058eSfAAAA___Mp1iZxQQAAA==
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC_1RST4scxRuu3uR3yuGHQeJBhBY8KLiT7p6e3hlzCMYkGsw_kpiIHqS6q3q3nJquTlV19-54WQxIwMsEBD32PLPJagxRP0BAZgUPC4LtaQ7ZS76BAY8iszuw-h7e9-1-3iqe56n3i3GxR0IUdHb1khoKKenJTstzX78lMqYq416-4fpeyzvl3hJZFJ5y1-dJl2_57bDlveG-y5O-Ohl4vuf5nu-eF5qnav3kPgqRP-r5rZ7XCoOW3wmxrv_7bQoHhjpg5R45DsGa_z9LP4ZIpsgGP57lpm9V_ua5QSGpVRol2_4g62eqyjA4bFPtIM22F9NQpiHkmyWobHuhAKrcmitALBqydOIp4mx7QRNxef-AaSzBM8TsGKpyCi6nEHSKRN2BYL8TIGG4fAXZ4MFlpSu6cYDSOdqQo389h6gacvTpi8gGj89Ise5eV7KwQmUG62kNsT6FWJ0iL3Zgh0sQ1Q4S-zkE-414Lx1DNnj4nipF3y257kOw2WtdP014EvDlzgrvLIc8TZa7Ucdb5okXRFEYdeO0u2-USKeQfARqllAYB4VwUKQOitzBgM3c0OuGiU_bUdpjyYoX0jBkPPZ63cDzaC9ZQZHMVYxg8xESOUKiN5HrTfTFvYaQ50-gi59h1moY5sBYgpLVqDhBZQgqSlAJgsoSVGV9n0kTmPoBk6aI_UUNFrVdT5RdHdP7yq7yjIDqETSrt0R-29xBYo9MhqlhEzVPNLb1hMasHud75IW5y87NV8fo85kbraz4vB0GPT_o9KgXsC4NA4-HQdfjLGYpjKghzBKocTAUDYk-vI1cNOR_X_-NmO7AyB0kwgEtXgGtatC1GsPs0RqzitENW7ZsCaZq5PYo7IYzlnvk5f13_uizL8GT3dPP2vuBRNfIdY1PxS8Eq_Lu5JqqyNY1VRny05XcioEY0vkOXLfU8iMP3-cbldLswlkz-u7tZA7M20c3uLEXacZEtmrI92cEY1yfVzrh5MkFc4vHVwuzdqbQWZFfvPrO-QuDXHNjhMqmoKIhzp8aiWjI8V9n-_vdXv4EQk-hixqDYpcsAkJNkeSbMPkhf6MItDyciXMHVVFPdBAf_pSiIZe--haS757-YVOeo49vgsY1DP_XwcN-oun8BirqsbmLVe2A2jvIBjVKXaOUNagcwRRHJjbXu6f_WFCJpTOJpXa2YqnlvQOrjZi5nSBuR91uxNOIpW3WDtqs1_F4L6S9KOyFHVjTrF058eSfAAAA___Mp1iZxQQAAA== HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Jun 2025 18:53:49 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 4
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 85205b6a4155edfdadbb610a3ff7f6b1
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/img/close.png

188.114.97.1

200 OK

591 B

URL GET
cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/img/close.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintEA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
ValidityWed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
Size
591 B (591 bytes)
Hash
9fd5bcb6103d86e317bd1eb019bcbe71
6b5a52ea669dcb74946f2bed4bdd7ec985026113
0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 15 Jun 2025 18:53:49 GMT
content-type: image/png
content-length: 591
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: "65aa84fe-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 227901
cf-cache-status: HIT
priority: u=4,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=0hKSBVM4y2OrnO0XzItpxVhT8xggAICt58Q3CqpmLuC5vQOB2t0N0By96tRkEAyCCJyEYrQ5y2Vk%2BXjwJCUhXasoDWAywfafWKtAkDjG5WxxvhRx"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 950445c28d0a56a8-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ww1.hdtodaytv.tv/

104.21.16.1

200 OK

11 kB

URL User Request GET
ww1.hdtodaytv.tv/
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthdtodaytv.tv
Fingerprint5F:73:FD:75:C0:82:70:41:72:6B:5F:4D:A5:90:89:9F:64:B5:D1:B0
ValidityTue, 06 May 2025 13:35:53 GMT - Mon, 04 Aug 2025 14:34:13 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
11 kB (10592 bytes)
Hash
7b0ae770b86cef5abebdb9091fa93b86
95e7878ab83a356dc8f711d241500c17019f82fc
d24e64fcd107b3c5a5e7f19940701169c547b0ce572bdaeabd2ecbcd624f46bc

HTTP Headers

GET / HTTP/1.1
Host: ww1.hdtodaytv.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Jun 2025 18:53:47 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=kXMyPB%2F9gu4ETf5ifpk0UftimbGYel1k45WMX4pTFqfF2QgQvSdm%2BDQNHj1deTivHQpgn2V1UIZ%2BAmparDTyzL19%2FJZHQTxFQ%2FB4Sd8v"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 950445b0cabeb4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET use.fontawesome.com/releases/v5.3.1/css/all.css

172.67.142.245

200 OK

49 kB

URL GET
use.fontawesome.com/releases/v5.3.1/css/all.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint2F:A0:71:2B:C1:50:E8:B9:6E:F6:46:C3:85:EA:4E:30:ED:94:CB:C6
ValiditySun, 04 May 2025 00:52:35 GMT - Sat, 02 Aug 2025 01:52:29 GMT

File type
ASCII text, with very long lines (48464)
Size
49 kB (48649 bytes)
Hash
10519cfd3206802f58315b877a9beab5
03232d7095b4a14b88810a0ffe76ae50726c23c6
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

HTTP Headers

GET /releases/v5.3.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Jun 2025 18:53:47 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"10519cfd3206802f58315b877a9beab5"
last-modified: Fri, 22 Sep 2023 01:45:29 GMT
vary: Accept-Encoding
age: 923240
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3qleLTvLlLRSV522hx5dzBzQNhzI8pvdpRdy2xrZTVzS16DKvdCajpFGThoEjulqZf867yiHya4efxfKnohU95Yrb4gdE6k4aBQlzmEx%2FeFaQW5f6azGmT%2FAqBaAxT2T0%2BHFwb37"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 950445b529bf569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2743&min_rtt=448&rtt_var=3786&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3200&recv_bytes=1092&delivery_rate=8104477&cwnd=254&unsent_bytes=0&cid=3ceed133c0aa3511&ts=65&x=0"
X-Firefox-Spdy: h2

GET ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.42

200 OK

87 kB

URL GET
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jun 2025 10:50:54 GMT
expires: Thu, 11 Jun 2026 10:50:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 374573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:38:52 GMT
expires: Wed, 10 Jun 2026 02:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
age: 490496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET invadedisheartentrail.com/impr.gif?sid=H4sIAAAAAAAC_1RST4scxRuu3uR3yuGHQeJBhBY8KLiT7p6e2RlzCMYkGsw_kpiIHqS6qnq3nJquTlV19-56WQxIwMsEBD32PrPJagxRP0BAZgUPC4LtaQ7ZS76BAY8iszuw-h7e9-1-3iqe56n3i81ij8Qo6PTqJb0ulaInO63Af_2WzLiurH_5hh8GreCUf0tm3fiUvzpLpnwrbMet4A3_XcEG-mQUhEEQBqF_XhqR6tWT-yhk_qgftvpBK45aYSfGqvnvty08WOqBl3vkOCRv_v8s_RiSTZANfzwr7MDp_M1zw0JRpw1Kvv1BNsh0lWF42KbGQ5ptz6ehbUPINwvQ2fZcAXS5NVOARDZk4cRTJNn2nCaS8v4B00RBZEj4MVTlBEJNIOkETN-B5L8TgHFcvoJs-OCyNhVdO0DpDG3I0b-eQ1YNOfr0RWTDx2eUXPWva1U4qTOL1bSGXJ1ALk-QFztw6wuQ1Q6Y-xyS_0aCl44hGz58T5dy4JfCDCD59LVemDLBIrHYWRKdxVikbLHX7QSLggVRtxt3e0na2zdKphMoMQK1Cyish0J6KFIPRe5hyKd-HPRiFtJ2N-1zthTENI65SIJ-LwoC2mdLKNhMxQguH4GpEZjZQG42MJD3GkKeP4EpfoZdqWG5B-sISl6jEgSVJagoQSUJKkdQlfV9rmxk6wdc2SIJ5zWa13Y91m55k97XbllkBNSMYHi9JfPb9g6YOzJeTy0f61miiavHNOH1Zr5HXpi57N18dRMDMfW7S0uhaMdRP4w6fRpEvEfjKBBx1AsET3gKK2tIuwBqPazLhnQ_vI1cNuR_X_-NhO7Aqh0w6YEWr4BWNehKjfXs0Qp3mtM1V7ZcCa5r5O4o3Jq3qfbIy_vv_NFnX0Kw3dPP2vsBZmrkpsan8heCZXV3fE1XZOuariz56Uru5FCu09kOXHfUiSMP3xdrlTb8wlk7-u5tNgNm7aMbwrqLNOMyW7bk-zOSc2HOa8MEeXLB3hLJ1cKunClMVuQXr75z_sIwN8JaqbMJqGyI96cBkw05_ut0f7_bi59AmglMUWNY7JJ5QOoJWL4Bmx_yt5rAqMOZJPdQFfXYRMnhTyUbcumrb6HE7ukfNtQ5-vgmaFLDin8dPOzHhs5uoLLetHexbDxQdwfZsEZpapSqBlUj2OLI2OVm9_QfcyqJ8saJMt5Wooy6d2C1lVM_bYuIBUFvqRu2e6kI2zFnaacX93mXBu22gLPNypUTT_4JAAD__zDPyEfFBAAA

172.240.108.76

200 OK

0 B

URL GET
invadedisheartentrail.com/impr.gif?sid=H4sIAAAAAAAC_1RST4scxRuu3uR3yuGHQeJBhBY8KLiT7p6e2RlzCMYkGsw_kpiIHqS6qnq3nJquTlV19-56WQxIwMsEBD32PrPJagxRP0BAZgUPC4LtaQ7ZS76BAY8iszuw-h7e9-1-3iqe56n3i81ij8Qo6PTqJb0ulaInO63Af_2WzLiurH_5hh8GreCUf0tm3fiUvzpLpnwrbMet4A3_XcEG-mQUhEEQBqF_XhqR6tWT-yhk_qgftvpBK45aYSfGqvnvty08WOqBl3vkOCRv_v8s_RiSTZANfzwr7MDp_M1zw0JRpw1Kvv1BNsh0lWF42KbGQ5ptz6ehbUPINwvQ2fZcAXS5NVOARDZk4cRTJNn2nCaS8v4B00RBZEj4MVTlBEJNIOkETN-B5L8TgHFcvoJs-OCyNhVdO0DpDG3I0b-eQ1YNOfr0RWTDx2eUXPWva1U4qTOL1bSGXJ1ALk-QFztw6wuQ1Q6Y-xyS_0aCl44hGz58T5dy4JfCDCD59LVemDLBIrHYWRKdxVikbLHX7QSLggVRtxt3e0na2zdKphMoMQK1Cyish0J6KFIPRe5hyKd-HPRiFtJ2N-1zthTENI65SIJ-LwoC2mdLKNhMxQguH4GpEZjZQG42MJD3GkKeP4EpfoZdqWG5B-sISl6jEgSVJagoQSUJKkdQlfV9rmxk6wdc2SIJ5zWa13Y91m55k97XbllkBNSMYHi9JfPb9g6YOzJeTy0f61miiavHNOH1Zr5HXpi57N18dRMDMfW7S0uhaMdRP4w6fRpEvEfjKBBx1AsET3gKK2tIuwBqPazLhnQ_vI1cNuR_X_-NhO7Aqh0w6YEWr4BWNehKjfXs0Qp3mtM1V7ZcCa5r5O4o3Jq3qfbIy_vv_NFnX0Kw3dPP2vsBZmrkpsan8heCZXV3fE1XZOuariz56Uru5FCu09kOXHfUiSMP3xdrlTb8wlk7-u5tNgNm7aMbwrqLNOMyW7bk-zOSc2HOa8MEeXLB3hLJ1cKunClMVuQXr75z_sIwN8JaqbMJqGyI96cBkw05_ut0f7_bi59AmglMUWNY7JJ5QOoJWL4Bmx_yt5rAqMOZJPdQFfXYRMnhTyUbcumrb6HE7ukfNtQ5-vgmaFLDin8dPOzHhs5uoLLetHexbDxQdwfZsEZpapSqBlUj2OLI2OVm9_QfcyqJ8saJMt5Wooy6d2C1lVM_bYuIBUFvqRu2e6kI2zFnaacX93mXBu22gLPNypUTT_4JAAD__zDPyEfFBAAA
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC_1RST4scxRuu3uR3yuGHQeJBhBY8KLiT7p6e2RlzCMYkGsw_kpiIHqS6qnq3nJquTlV19-56WQxIwMsEBD32PrPJagxRP0BAZgUPC4LtaQ7ZS76BAY8iszuw-h7e9-1-3iqe56n3i81ij8Qo6PTqJb0ulaInO63Af_2WzLiurH_5hh8GreCUf0tm3fiUvzpLpnwrbMet4A3_XcEG-mQUhEEQBqF_XhqR6tWT-yhk_qgftvpBK45aYSfGqvnvty08WOqBl3vkOCRv_v8s_RiSTZANfzwr7MDp_M1zw0JRpw1Kvv1BNsh0lWF42KbGQ5ptz6ehbUPINwvQ2fZcAXS5NVOARDZk4cRTJNn2nCaS8v4B00RBZEj4MVTlBEJNIOkETN-B5L8TgHFcvoJs-OCyNhVdO0DpDG3I0b-eQ1YNOfr0RWTDx2eUXPWva1U4qTOL1bSGXJ1ALk-QFztw6wuQ1Q6Y-xyS_0aCl44hGz58T5dy4JfCDCD59LVemDLBIrHYWRKdxVikbLHX7QSLggVRtxt3e0na2zdKphMoMQK1Cyish0J6KFIPRe5hyKd-HPRiFtJ2N-1zthTENI65SIJ-LwoC2mdLKNhMxQguH4GpEZjZQG42MJD3GkKeP4EpfoZdqWG5B-sISl6jEgSVJagoQSUJKkdQlfV9rmxk6wdc2SIJ5zWa13Y91m55k97XbllkBNSMYHi9JfPb9g6YOzJeTy0f61miiavHNOH1Zr5HXpi57N18dRMDMfW7S0uhaMdRP4w6fRpEvEfjKBBx1AsET3gKK2tIuwBqPazLhnQ_vI1cNuR_X_-NhO7Aqh0w6YEWr4BWNehKjfXs0Qp3mtM1V7ZcCa5r5O4o3Jq3qfbIy_vv_NFnX0Kw3dPP2vsBZmrkpsan8heCZXV3fE1XZOuariz56Uru5FCu09kOXHfUiSMP3xdrlTb8wlk7-u5tNgNm7aMbwrqLNOMyW7bk-zOSc2HOa8MEeXLB3hLJ1cKunClMVuQXr75z_sIwN8JaqbMJqGyI96cBkw05_ut0f7_bi59AmglMUWNY7JJ5QOoJWL4Bmx_yt5rAqMOZJPdQFfXYRMnhTyUbcumrb6HE7ukfNtQ5-vgmaFLDin8dPOzHhs5uoLLetHexbDxQdwfZsEZpapSqBlUj2OLI2OVm9_QfcyqJ8saJMt5Wooy6d2C1lVM_bYuIBUFvqRu2e6kI2zFnaacX93mXBu22gLPNypUTT_4JAAD__zDPyEfFBAAA HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Jun 2025 18:53:50 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 2
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 4512bf2fdf786803482c9926e6ab3a90
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET capaciousdrewreligion.com/advertisers.js

185.196.197.71

200 OK

0 B

URL GET
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint4C:9A:D1:39:AD:B4:C8:D5:6E:A1:5A:54:6F:88:D5:0F:D1:C6:5A:06
ValidityFri, 02 May 2025 21:09:09 GMT - Thu, 31 Jul 2025 21:09:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Jun 2025 18:53:48 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 68ccf05e6e5316b1a7abd7624a1d7e45
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET unseenreport.com/pxf.gif?uuid=b44bd997-74f1-47be-904e-40533e5a2e7b&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=0db946e2fa3a3c48010c295c1cd7c006&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.59.20

200 OK

0 B

URL GET
unseenreport.com/pxf.gif?uuid=b44bd997-74f1-47be-904e-40533e5a2e7b&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=0db946e2fa3a3c48010c295c1cd7c006&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint70:62:DC:6C:0A:F4:AA:56:4E:74:DC:EF:DA:CC:60:5A:C4:34:CE:F2
ValiditySat, 17 May 2025 22:34:21 GMT - Fri, 15 Aug 2025 22:34:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=b44bd997-74f1-47be-904e-40533e5a2e7b&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=0db946e2fa3a3c48010c295c1cd7c006&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jun 2025 18:53:49 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 238f501c3fd78d15dd064de3e4c5a3cb
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=28

172.240.108.76

200 OK

0 B

URL GET
invadedisheartentrail.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=28
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectinvadedisheartentrail.com
Fingerprint95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
ValidityTue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=28 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 15 Jun 2025 18:53:50 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

104.18.10.207

200 OK

160 kB

URL GET
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT

File type
ASCII text, with very long lines (65324)
Size
160 kB (159515 bytes)
Hash
7cc40c199d128af6b01e74a28c5900b0
d305110fb79113a961394b433d851a3410342b8c
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

HTTP Headers

GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Jun 2025 18:53:47 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 03/18/2024 12:50:34
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 874
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: bae7f19455fe160afc3fea6ed1fffa09
cdn-cache: HIT
cf-cache-status: HIT
age: 742079
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 950445b54ab256a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET experttrafficcounter.com/stats

52.58.19.254

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.58.19.254:443
ASN
#16509 AMAZON-02

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
578b131bd60b974477e92fd16d503122
4c27203b9c5155fd2126cf525948786804e48f5d
8cb1bcb70ee21cd2104977d19c04ed21127b7d224338709beaa1477660596f9e

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Jun 2025 18:53:48 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://ww1.hdtodaytv.tv
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=b44bd997-74f1-47be-904e-40533e5a2e7b:3:1; expires=Wed, 13 Jun 2035 18:53:48 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET experttrafficcounter.com/stats

52.58.19.254

200 OK

40 B

URL GET
experttrafficcounter.com/stats
IP
52.58.19.254:443
ASN
#16509 AMAZON-02

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
2b27ce24abf72c554197516a7d5165ce
cedd5bd2ea7b0a2bc6f9c6678c15a520974d4467
ea39a54c8facba4ee6b38c8d6bc371cab97454086e1339d000b685e3435c73e9

HTTP Headers

GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Jun 2025 18:53:48 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://ww1.hdtodaytv.tv
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=81fcec2e-57e5-4efc-8650-ec0266468bf8:2:1; expires=Wed, 13 Jun 2035 18:53:48 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET cdn.show-sb.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html

172.67.170.115

200 OK

1.3 kB

URL GET
cdn.show-sb.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
IP
172.67.170.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectshow-sb.com
FingerprintDF:A8:5A:11:E9:7E:8B:0E:2E:08:20:FB:02:FE:C4:E3:E7:97:E8:3A
ValidityThu, 12 Jun 2025 07:26:41 GMT - Wed, 10 Sep 2025 08:25:04 GMT

File type
HTML document, ASCII text
Size
1.3 kB (1325 bytes)
Hash
f6990569c7ffeac1f4a3f6d9eee5da44
e7d5e37acf89a8faee252c36fc2c9d6615501d76
cc2a9756c81bd570fff8b32e48a413687c33f8abe9c934e743a0769178b4f690

HTTP Headers

GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Jun 2025 18:53:49 GMT
content-type: text/html
server: cloudflare
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1Gg6dNiC9hMzK3Npmr6SoB9kepNjlkCiHdvU5bZVxl1tY4zXoI4obXszPicZoQk%2B04w5f7ZhOuDjyFPY5cT0Lp9eTwpyf%2FLhQnet5ZU%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 950445be887f568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:38:52 GMT
expires: Wed, 10 Jun 2026 02:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
age: 490498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET ww1.hdtodaytv.tv/static/images/c49337aa9c92d6fbf56b6b5830c6849c.png

104.21.16.1

200 OK

60 kB

URL GET
ww1.hdtodaytv.tv/static/images/c49337aa9c92d6fbf56b6b5830c6849c.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjecthdtodaytv.tv
Fingerprint5F:73:FD:75:C0:82:70:41:72:6B:5F:4D:A5:90:89:9F:64:B5:D1:B0
ValidityTue, 06 May 2025 13:35:53 GMT - Mon, 04 Aug 2025 14:34:13 GMT

File type
PNG image data, 400 x 125, 8-bit/color RGBA, interlaced
Size
60 kB (59975 bytes)
Hash
9f05cc961d9a0557b742f931001cb105
ca5d61aad72348b372a93098f8eb053f79011aaf
0aa0f8fe37240d47510d6f0c952c45c3fb9db038f0eed0bae80394da69690a24

HTTP Headers

GET /static/images/c49337aa9c92d6fbf56b6b5830c6849c.png HTTP/1.1
Host: ww1.hdtodaytv.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 15 Jun 2025 18:53:47 GMT
content-type: image/png
content-length: 59975
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ENku%2BthLXbeL7QwCDo2NCZI2GBI3IgI70kFDIW0pNDNsfVaVKEBn4lcNIOm38L3XUPLvJF6gVDvu8JHM850Oun%2B60wxVGG5WGlAF1eoNRyztXl%2FnIRz%2B9yoxot5QBVgBqOz3"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 02 Nov 2022 01:47:19 GMT
etag: "6361cc27-ea47"
expires: Mon, 23 Jun 2025 14:00:37 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 1918496
cf-cache-status: HIT
cf-ray: 950445b4dee756bd-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2766&min_rtt=1280&rtt_var=1469&sent=29&recv=31&lost=0&retrans=0&sent_bytes=6232&recv_bytes=2846&delivery_rate=666086&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=1f3a5c8be4256507&ts=721&inflight_dur=34&x=80"

GET jeopardizegrowled.com/0d/b9/46/0db946e2fa3a3c48010c295c1cd7c006.js

192.243.59.20

200 OK

104 kB

URL GET
jeopardizegrowled.com/0d/b9/46/0db946e2fa3a3c48010c295c1cd7c006.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerLet's Encrypt
Subjectjeopardizegrowled.com
FingerprintC1:28:03:C3:45:E5:E6:9E:6E:4E:F2:71:E2:D5:D8:62:4F:B0:EF:11
ValiditySat, 31 May 2025 22:10:02 GMT - Fri, 29 Aug 2025 22:10:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
104 kB (104424 bytes)
Hash
6180b0b30473560aa8c2e55deec4456e
eed89d7d09618794384b8ae10a3d763f17818959
886c2fa8e47ffccba8e236894f2cceaa70d5e00374a163d44aae8384d183b635

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /0d/b9/46/0db946e2fa3a3c48010c295c1cd7c006.js HTTP/1.1
Host: jeopardizegrowled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 15 Jun 2025 18:53:48 GMT
Content-Type: application/javascript
Content-Length: 32739
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: jeopardizegrowled.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: cc739168fdc168d405c3b97ec86bb104
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2

172.67.142.245

200 OK

67 kB

URL GET
use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint2F:A0:71:2B:C1:50:E8:B9:6E:F6:46:C3:85:EA:4E:30:ED:94:CB:C6
ValiditySun, 04 May 2025 00:52:35 GMT - Sat, 02 Aug 2025 01:52:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 67400, version 1.0
Size
67 kB (67400 bytes)
Hash
14a08198ec7d1eb96d515362293fed36
965d78c34637d1bdab6277805faecb6caa959669
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

HTTP Headers

GET /releases/v5.3.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Jun 2025 18:53:48 GMT
content-type: font/woff2
content-length: 67400
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "14a08198ec7d1eb96d515362293fed36"
last-modified: Fri, 22 Sep 2023 01:45:31 GMT
vary: Origin, Accept-Encoding
age: 765264
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W9HCTm2YNsTIgED3b3IIueHnGforxmtmWaP84lKT7oaqrqqKZt0SBfFsGcvaL87KrGeqk6%2B0FrqyvGJ8zqHA0vXD928tOsdU4KAKgPRt3qmpn5yC4Q7UKMp4erm8CSJ3XooTqrL1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 950445b79fb87128-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=512&min_rtt=438&rtt_var=167&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1287&delivery_rate=7970642&cwnd=254&unsent_bytes=0&cid=e0de728f8df869fd&ts=47&x=0"
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:38:52 GMT
expires: Wed, 10 Jun 2026 02:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
age: 490496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/js/script.js

188.114.97.1

200 OK

962 B

URL GET
cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/js/script.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintEA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
ValidityWed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT

File type
ASCII text
Size
962 B (962 bytes)
Hash
0013fbb3bd9e7300fa1bc9f62501dcf0
447e4a8994979e2e158b9beff79b94e7d1b29508
4cf18df81115ddab6967dc82096077ee024223dac3c6ffc9b810bffb7780a20e

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 15 Jun 2025 18:53:49 GMT
content-type: application/javascript
content-length: 962
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: "65aa84fe-3c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 526566
cf-cache-status: HIT
priority: u=3,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Ohc7naaL70xU5fhfuSFhQJINoGTj8MBF9UKg2HXGllLGV0ycY0uzkZwlDFKSAshSCg%2FR8nVvlxfHNb%2B2b%2B3T4o3QJ0uxw08hoglX9m9ylBooINTF"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 950445c32db356a8-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.hdtodaytv.tv
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:38:52 GMT
expires: Wed, 10 Jun 2026 02:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
age: 490498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.hdtodaytv.tv/

104.21.16.1

301 Moved Permanently

11 kB

URL User Request GET
www.hdtodaytv.tv/
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthdtodaytv.tv
Fingerprint5F:73:FD:75:C0:82:70:41:72:6B:5F:4D:A5:90:89:9F:64:B5:D1:B0
ValidityTue, 06 May 2025 13:35:53 GMT - Mon, 04 Aug 2025 14:34:13 GMT

File type

Size
11 kB (10592 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.hdtodaytv.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sun, 15 Jun 2025 18:53:46 GMT
content-type: text/html
location: https://ww1.hdtodaytv.tv/
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=21dFORScl9G28cAFfDAK2H3q%2FOBy0w263SHkt%2F2rlJFTsIhQfp6ihakvRF7oOwb4ni0m65uZix6W%2B2CkeNvzWf90Svrl%2BXp8eQ4CADnG"}]}
cf-ray: 950445aef833b4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js

104.17.24.14

200 OK

94 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (65449)
Size
94 kB (93675 bytes)
Hash
17e942ea0854bd9dce2070bae6826937
434cdec1669f2c6c7406297a72120936bc56ed52
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26

HTTP Headers

GET /ajax/libs/vue/2.6.10/vue.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Jun 2025 18:53:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 30769
cf-ray: 950445b539a156b5-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402c-16deb"
last-modified: Mon, 04 May 2020 16:17:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 594523
expires: Fri, 05 Jun 2026 18:53:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYwV2BPVPjDqIC%2FwIYt0qUgY5QKO4pDZd0l8XEZUoZobQYU44Pv7HFcC700%2BxZCyFGXf1WF5DodZCSj4VR9MxG74tgfVqr1e6ERAYcIBnQe0s26PAe93AvbHSuh5yLYRsRrTv31T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.10.207

200 OK

51 kB

URL GET
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Jun 2025 18:53:47 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "67176c242e1bdc20603c878dee836df3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2024 02:53:43
cdn-edgestorageid: 1029
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 785086e9c71f6bb4d2f7dace7bf7b0cf
cdn-cache: HIT
cf-cache-status: HIT
age: 841313
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 950445b54aa256a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ww1.hdtodaytv.tv/static/js/group_1/app.min.js

104.21.16.1

200 OK

3.4 kB

URL GET
ww1.hdtodaytv.tv/static/js/group_1/app.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.hdtodaytv.tv/
Certificate
IssuerGoogle Trust Services
Subjecthdtodaytv.tv
Fingerprint5F:73:FD:75:C0:82:70:41:72:6B:5F:4D:A5:90:89:9F:64:B5:D1:B0
ValidityTue, 06 May 2025 13:35:53 GMT - Mon, 04 Aug 2025 14:34:13 GMT

File type
JavaScript source, ASCII text
Size
3.4 kB (3356 bytes)
Hash
807da2fa01a7586abfd25641ed97b476
166c22b9ab7b8c0799216fd884d417998815781c
df236884a2bc43da086e76a522c2984bbac59df6071042f84536f4f645318c2c

HTTP Headers

GET /static/js/group_1/app.min.js HTTP/1.1
Host: ww1.hdtodaytv.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.hdtodaytv.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 15 Jun 2025 18:53:47 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6yZf6ubypxsKZ%2FCNyXh4ylolDc3ElZMwO1cFu7We36XEMcDiqt7FYp8SczWWB1QXo64rKjGnwBVImqQiWaTUwjR5DXGmUfJnFdzdbvWvdbpPe94HhULNzOrF7O8R5cASU8T"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 02 Nov 2022 01:47:19 GMT
vary: Accept-Encoding
etag: "6361cc27-d1c"
expires: Sun, 15 Jun 2025 21:50:17 GMT
cache-control: max-age=43200
content-encoding: gzip
age: 32745
cf-cache-status: HIT
cf-ray: 950445b4dee856bd-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2542&min_rtt=1280&rtt_var=1362&sent=27&recv=30&lost=0&retrans=0&sent_bytes=4461&recv_bytes=2802&delivery_rate=666086&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=1f3a5c8be4256507&ts=713&inflight_dur=29&x=80"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML