Follow-up to my earlier report about the stock firmware on these Android TV devices, with a script to de-fang Stage 0 by preventing the payload from downloading (chattr +i FTW!)
For what it's worth that domain in your repo is also listed in the 1Hosts block-list [1] but only in the Xtra category, not sure why. It seems that is a known malware site. Oddly enough it is not listed in the PiHoleBlocklist [2]
[1] - https://github.com/badmojr/1Hosts [listed but only in Xtra]
[2] - https://github.com/Perflyst/PiHoleBlocklist.git [not listed]