Report - aqdlove.net/

Report Overview

Visited public
2023-11-01 04:37:42
Tags
URL
aqdlove.net/
Finishing URL
aqdlove.net/
IP / ASN
64.112.28.94
#395886 KURUN-AS
Title
爱情岛 - 独家提供实用网址大全

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp2.globalsign.com	1544	1999-04-19	2012-05-23 20:10:04	2023-10-31 05:17:05	357 B	1.9 kB	104.18.21.226
mgtv-bbqn.oss-cn-beijing.aliyuncs.com	unknown	unknown	No data	No data	489 B	25 kB	8.131.131.94
p1.bdxiguaimg.com	184024	2020-08-26	2021-06-02 22:55:37	2023-07-26 06:31:47	918 B	7.3 kB	163.171.132.42
38.174.115.251:12096	unknown	unknown	No data	No data	426 B	464 B	38.174.115.251
192.151.197.205:12096	unknown	unknown	No data	No data	427 B	464 B	192.151.197.205
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-10-31 13:44:23	2.0 kB	5.8 kB	172.64.149.23
api.share.baidu.com	44629	1999-10-11	2013-04-25 16:45:11	2023-10-31 05:21:27	359 B	114 B	39.156.68.163
sdk.51.la	88367	2005-01-17	2021-03-08 17:03:51	2023-10-31 13:06:38	317 B	14 kB	47.246.44.205
38.174.115.3:12096	unknown	unknown	No data	No data	424 B	464 B	38.174.115.3
aqdlove.net	unknown	2019-08-28	2021-02-03 03:58:04	2021-02-03 03:58:04	384 B	6.5 kB	64.112.28.94
collect-v6.51.la	91421	2005-01-17	2021-03-08 17:03:54	2023-10-31 05:20:59	372 B	483 B	203.107.86.226
	unknown				1.8 kB	69 kB	192.151.197.203

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-01 04:37:37	low	64.112.28.94	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
2023-11-01 04:37:37	low	64.112.28.94	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-01	medium	38.174.115.251	Sinkholed
2023-11-01	medium	192.151.197.205	Sinkholed
2023-11-01	medium	38.174.115.3	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	5.1 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 21:33 Last Seen2024-08-20 21:33 Times Seen1 Hash cca77031b243d12d5f8fe0c97c65c96b c380b45ed0751d62f6c8b5489e7e532822a7695c 7e5b721e497e2e1e11241b3f334ed7d5cf315ac314b8e800d1133eacd22bc2e7 Loading...

	unknown	ScriptElement	1.3 kB	2023-11-01	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 05:38 Last Seen2024-08-20 21:33 Times Seen2 Hash 3ebe3e9896e4b0427590234ce896b0bf 6958ea78a9e919f089b49b2bdd75fa5ad5d9594d 0e4a9928e8cb928fa2b09e378d5ea7d43e09a12dcfd026a89a5dcf670228bece Loading...

	unknown	Function	163 B	2023-11-01	2025-06-03
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-01 05:38 Last Seen2025-06-03 13:28 Times Seen12 Hash 34475e4d88c7c1291a172c1785e563b2 37e1c659ac1434d97f7e81b38c6c034d38412a4b 52107f22d4156653a01915b4a16cdf8721f528a4855a75645a423982f8a3fe0a Loading...

	sdk.51.la/js-sdk-pro.min.js	ScriptElement	34 kB	2023-04-05	2025-06-02
Pretty URL sdk.51.la/js-sdk-pro.min.js IP 47.246.44.205 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:31 Last Seen2025-06-02 19:54 Times Seen8555 Hash 8fc0b01d35300e8398d6e957987c01e7 f1eb32c75b8d8e4b0555ebc2a5f5d1d60296f41e b164aafa0bb83dfe511912ca2ca475880bfffac8d8f098c947fd3d4af440d3a4 Loading...

	aqdlove.net/	ScriptElement	25 kB	2024-08-20	2024-08-20
Pretty URL aqdlove.net/ IP 64.112.28.94 ASN #395886 KURUN-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 21:33 Last Seen2024-08-20 21:33 Times Seen1 Hash 499aef1e71ac002763a5cae464713ec8 d243703dc3b826c99ba62bebbcb2a75a00f60e62 283ff8f61ed53633d12d3d2082d87d49e3ca2cdde5b6ed9510a9aca2bf54596f Loading...

	aqdlove.net/	ScriptElement	904 B	2023-11-01	2025-06-03
Pretty URL aqdlove.net/ IP 64.112.28.94 ASN #395886 KURUN-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-01 05:38 Last Seen2025-06-03 13:28 Times Seen12 Hash 5b75d65f19510507b0ab4b454ef2dd3a 553dffa831fc34a910823f804ff1bb3146cea6a0 0fe540738ea300446da943d438d54f4cc3c4e89cb455ac14f1cfe3ae783d9c8b Loading...

		Size	First Seen	Last Seen
	#1 Write - 788666e22e0d217262f60fa140149d01	5.8 kB	2024-08-20 21:33	2024-08-20 21:33
Pretty Observations First Seen2024-08-20 21:33 Last Seen2024-08-20 21:33 Times Seen1 Hash 788666e22e0d217262f60fa140149d01 d3e7dec3d6054fa6e33b0b9e4952e195d61baf3e 129f3d7b2362d0b9825546aee8ce37f02a44fe69bf1d3cfbdeedb4523b84b377 Loading...

HTTP Transactions (21)

URL IP Response Size

ocsp.sectigo.com/

172.64.149.23

471 B

URL
ocsp.sectigo.com/
IP
172.64.149.23:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ca689d4d0f964e188f94904a51b7e04b
70b37333ae16a60231f12146f7855d5c0abc06bf
c7f19a144d7cefa45753d5e82adcafad563b7e6c55cbbc2ba4b355882109aabb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 04:37:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Oct 2023 11:49:39 GMT
Expires: Tue, 07 Nov 2023 11:49:38 GMT
Etag: "70b37333ae16a60231f12146f7855d5c0abc06bf"
Cache-Control: max-age=543732,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81f171410f2b56ba-OSL

aqdlove.net/

64.112.28.94

6.2 kB

URL User Request GET
aqdlove.net/
IP
64.112.28.94:0
ASN
#395886 KURUN-AS

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (25558), with no line terminators
Size
6.2 kB (6227 bytes)
Hash
9637a13314a1ccfec886f1d9d552fb42
2af592629e49ea2bae18c33391de97a293ff811d
66470de0bd5970b8f6e99ce5e335f2cac6d5e527b353ac68a99bf2fd7c48072f

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

HTTP Headers

GET / HTTP/1.1
Host: aqdlove.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Nov 2023 04:37:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip

ocsp.sectigo.com/

104.18.38.233

471 B

URL
ocsp.sectigo.com/
IP
104.18.38.233:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
aeefa8f8d595c344764f0d6381bfeb2d
d752720994c20e69cf079e82a8b427ca2f5fbe38
337bf93fa11301c8bca1a45ec38289229840ecfb34b8f9ee8e002687e18b737d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 04:37:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Oct 2023 03:36:19 GMT
Expires: Sun, 05 Nov 2023 03:36:18 GMT
Etag: "d752720994c20e69cf079e82a8b427ca2f5fbe38"
Cache-Control: max-age=341887,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81f17147ee9756a4-OSL

api.share.baidu.com/s.gif?l=http://aqdlove.net/

39.156.68.163

200 OK

0 B

URL GET HTTP/1.1
api.share.baidu.com/s.gif?l=http://aqdlove.net/
IP
39.156.68.163:80
ASN
#9808 China Mobile Communications Group Co., Ltd.

Requested by
http://aqdlove.net/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://aqdlove.net/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 01 Nov 2023 04:37:26 GMT

ocsp.sectigo.com/

104.18.38.233

471 B

URL
ocsp.sectigo.com/
IP
104.18.38.233:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
a5449d29ac5f8d4e57390ec517b86c45
efcef9a0b67d935509c428c187c6aea4355d5cb9
63f2b47b5f9d897da536386677bc078d5bcabaf3934382489daee87e890879fd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 04:37:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Oct 2023 20:26:41 GMT
Expires: Sun, 05 Nov 2023 20:26:40 GMT
Etag: "efcef9a0b67d935509c428c187c6aea4355d5cb9"
Cache-Control: max-age=401953,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81f1714808eeb4f9-OSL

ocsp.sectigo.com/

172.64.149.23

471 B

URL
ocsp.sectigo.com/
IP
172.64.149.23:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
aeefa8f8d595c344764f0d6381bfeb2d
d752720994c20e69cf079e82a8b427ca2f5fbe38
337bf93fa11301c8bca1a45ec38289229840ecfb34b8f9ee8e002687e18b737d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 04:37:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Oct 2023 03:36:19 GMT
Expires: Sun, 05 Nov 2023 03:36:18 GMT
Etag: "d752720994c20e69cf079e82a8b427ca2f5fbe38"
Cache-Control: max-age=341331,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81f17147e96d56ba-OSL

sdk.51.la/js-sdk-pro.min.js

47.246.44.205

200 OK

13 kB

URL GET HTTP/1.1
sdk.51.la/js-sdk-pro.min.js
IP
47.246.44.205:80
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
http://aqdlove.net/

File type
Unicode text, UTF-8 text, with very long lines (34110)
Size
13 kB (12846 bytes)
Hash
24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

HTTP Headers

GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 12846
Connection: keep-alive
Date: Sat, 21 Oct 2023 16:07:27 GMT
x-oss-request-id: 6533F73F54280A373991F168
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1697904447
Via: cache15.l2de2[0,0,304-0,H], cache9.l2de2[1,0], cache3.se1[0,0,200-0,H], cache2.se1[0,0]
ETag: "24BB520E9517F2ED3ED987B46AEAF723"
Last-Modified: Thu, 08 Jun 2023 02:24:34 GMT
Vary: Accept-Encoding
x-oss-hash-crc64ecma: 5143829838470429443
Content-Encoding: gzip
Age: 908999
X-Cache: HIT TCP_MEM_HIT dirn:7:153294850
X-Swift-SaveTime: Sat, 21 Oct 2023 16:07:27 GMT
X-Swift-CacheTime: 1296000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9616988134469697758e

ocsp.sectigo.com/

104.18.38.233

471 B

URL
ocsp.sectigo.com/
IP
104.18.38.233:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9c3e608dd6ea60acbb0b17bc977ffb27
071b48803bec016a5a02aebc381852f184907c28
425c715668283f6da976a31e2ba6b28a414995e576c18d2b84efb3981bc34b6f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 04:37:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Oct 2023 01:49:32 GMT
Expires: Tue, 07 Nov 2023 01:49:31 GMT
Etag: "071b48803bec016a5a02aebc381852f184907c28"
Cache-Control: max-age=507723,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81f1714c0fd256a4-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g3

104.18.21.226

1.5 kB

URL
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1461 bytes)
Hash
c1cee812a98acdd1892e95033aebb69b
2cb74543539d79c0152db4136af0b74d8bc92750
25253f24e47bb0a235e028ca5ff7ec36a511685d9444a7ca454edbbb1e209476

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 04:37:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Sun, 05 Nov 2023 02:30:39 GMT
ETag: "2cb74543539d79c0152db4136af0b74d8bc92750"
Last-Modified: Wed, 01 Nov 2023 02:30:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 81f1714ccecb56ca-OSL

ocsp.sectigo.com/

104.18.38.233

471 B

URL
ocsp.sectigo.com/
IP
104.18.38.233:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9c3e608dd6ea60acbb0b17bc977ffb27
071b48803bec016a5a02aebc381852f184907c28
425c715668283f6da976a31e2ba6b28a414995e576c18d2b84efb3981bc34b6f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 04:37:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Oct 2023 01:49:32 GMT
Expires: Tue, 07 Nov 2023 01:49:31 GMT
Etag: "071b48803bec016a5a02aebc381852f184907c28"
Cache-Control: max-age=507723,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81f1714c0a33b4f9-OSL

collect-v6.51.la/v6/collect?dt=4

203.107.86.226

403

0 B

URL POST HTTP/1.1
collect-v6.51.la/v6/collect?dt=4
IP
203.107.86.226:80
ASN
#0

Requested by
http://aqdlove.net/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 300
Origin: http://aqdlove.net
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 
Date: Wed, 01 Nov 2023 04:37:27 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=9ce0a47e6ae4e2cb55e95fe97f3a4d5bdc269b9a9a23b1a92faa570725cbeb98; Path=/; HttpOnly
acw_tc=1a0c585316988134475762228eed87fb814c6bf6c33f5f26fbf96fcc0352c6;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://aqdlove.net
Access-Control-Allow-Credentials: true

mgtv-bbqn.oss-cn-beijing.aliyuncs.com/1/2310310157014A29582395A850D3A0F5C26862354MzFE/EjdjYp0.png

8.131.131.94

200 OK

25 kB

URL GET HTTP/1.1
mgtv-bbqn.oss-cn-beijing.aliyuncs.com/1/2310310157014A29582395A850D3A0F5C26862354MzFE/EjdjYp0.png
IP
8.131.131.94:443
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested by
http://aqdlove.net/
Certificate
IssuerGlobalSign nv-sa
Subject*.oss-cn-beijing.aliyuncs.com
FingerprintED:8A:3C:0E:14:BA:ED:2A:A8:04:8D:17:34:E3:17:50:99:39:84:05
ValidityFri, 07 Jul 2023 10:24:33 GMT - Mon, 18 Mar 2024 06:06:02 GMT

File type
PNG image data, 480 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (24944 bytes)
Hash
d672d809ac24ddad4e985fcbdf9e658a
85d912a43044613906fba5ea93e25d954f0b94cb
72aed53e48ad7dc48c9cf2b4761e90ede0c0f06f1c9d29ba8fa7360424e38c51

HTTP Headers

GET /1/2310310157014A29582395A850D3A0F5C26862354MzFE/EjdjYp0.png HTTP/1.1
Host: mgtv-bbqn.oss-cn-beijing.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 01 Nov 2023 04:37:27 GMT
Content-Type: image/png
Content-Length: 24944
Connection: keep-alive
x-oss-request-id: 6541D6076C384336368FABD3
Accept-Ranges: bytes
ETag: "D672D809AC24DDAD4E985FCBDF9E658A"
Last-Modified: Mon, 30 Oct 2023 17:57:01 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8703334944689425093
x-oss-storage-class: Standard
Content-MD5: 1nLYCawk3a1OmF/L355lig==
x-oss-server-time: 2

p1.bdxiguaimg.com/origin/pgc-image/bd7861a486574b92917b3b95df229ae4

163.171.132.42

200 OK

2.2 kB

URL GET HTTP/2
p1.bdxiguaimg.com/origin/pgc-image/bd7861a486574b92917b3b95df229ae4
IP
163.171.132.42:443
ASN
#54994 QUANTILNETWORKS

Requested by
http://aqdlove.net/
Certificate
IssuerGlobalSign nv-sa
Subject*.bdxiguaimg.com
Fingerprint08:7A:69:5D:08:98:15:51:C8:D6:B4:3C:69:B0:BE:59:7F:A0:47:D3
ValidityMon, 19 Jun 2023 14:52:41 GMT - Sat, 20 Jul 2024 14:52:40 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced\012- data
Size
2.2 kB (2183 bytes)
Hash
cdd77333a27d185e3bf49482de858ada
070d355292f411ba6da885817e81881abc79c927
0b11b0d743448e99c6fe1e5330f35b1646b85c20371dde21c8d680b01895f0e0

HTTP Headers

GET /origin/pgc-image/bd7861a486574b92917b3b95df229ae4 HTTP/1.1
Host: p1.bdxiguaimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 Nov 2023 04:37:28 GMT
content-type: image/png
content-length: 2183
server: nginx
cache-control: max-age=31536000
imagex-fmt: png2png
last-modified: Sun, 02 Jul 2023 07:21:31 GMT
nw-session-id: 202307021521318CFA7D4F3F4264A27251pjrqp01xg
nw-session-trace: 2023-07-02T15:21:31.299208748+08:00 41
x-bdcdn-cache-status: TCP_MISS
x-length: 2183
x-powered-by: ImageX
x-response-date: Sun, 02 Jul 2023 15:21:31 GMT
x-tt-logid: 202307021521318CFA7D4F3F4264A27251
via: n204-099-045
x-request-ip: fdbd:dc01:26:318::66
x-response-cinfo: 91.90.42.154
x-tt-trace-host: 0150ed489f874896420c0b4623b63d87a9abc616728520851219f1d39478aa679ff876ee445deec7fe8196c31778c0717f2a071952fe3439fd1cb03e9baf850ceef573335727ca4e97ea2f48ac6de4b1b91e5c110ae4f8278114d18106fda69719
x-response-lb: image
x-cache-new: HIT
age: 1
x-via: 1.1 PS-HIA-01wWB95:3 (Cdn Cache Server V2.0), 1.1 PSrbJP1tu67:4 (Cdn Cache Server V2.0), 1.1 VM-FRA-01T6Y27:15 (Cdn Cache Server V2.0)
x-response-cache: edge_hit
server-timing: cdn-cache;desc=hit,edge;dur=1
x-tt-trace-tag: id=01;cdn-cache=hit;type=static
x-ws-request-id: 6541d608_VM-FRA-01T6Y27_38938-61501
access-control-allow-origin: *
x-server-ip: 91.90.42.154
access-control-expose-headers: X-Server-Ip,Content-Length,Content-Range,content-type,expires,last-modified,via,x-cache,x-response-cache,x-response-sinfo,x-response-cinfo
timing-allow-origin: *
x-response-sinfo: 163.171.132.42
X-Firefox-Spdy: h2

p1.bdxiguaimg.com/origin/pgc-image/bd7861a486574b92917b3b95df229ae4

163.171.132.42

200 OK

2.2 kB

URL GET HTTP/2
p1.bdxiguaimg.com/origin/pgc-image/bd7861a486574b92917b3b95df229ae4
IP
163.171.132.42:443
ASN
#54994 QUANTILNETWORKS

Requested by
http://aqdlove.net/
Certificate
IssuerGlobalSign nv-sa
Subject*.bdxiguaimg.com
Fingerprint08:7A:69:5D:08:98:15:51:C8:D6:B4:3C:69:B0:BE:59:7F:A0:47:D3
ValidityMon, 19 Jun 2023 14:52:41 GMT - Sat, 20 Jul 2024 14:52:40 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced\012- data
Size
2.2 kB (2183 bytes)
Hash
cdd77333a27d185e3bf49482de858ada
070d355292f411ba6da885817e81881abc79c927
0b11b0d743448e99c6fe1e5330f35b1646b85c20371dde21c8d680b01895f0e0

HTTP Headers

GET /origin/pgc-image/bd7861a486574b92917b3b95df229ae4 HTTP/1.1
Host: p1.bdxiguaimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 Nov 2023 04:37:28 GMT
content-type: image/png
content-length: 2183
server: nginx
cache-control: max-age=31536000
imagex-fmt: png2png
last-modified: Sun, 02 Jul 2023 07:21:31 GMT
nw-session-id: 202307021521318CFA7D4F3F4264A27251pjrqp01xg
nw-session-trace: 2023-07-02T15:21:31.299208748+08:00 41
x-bdcdn-cache-status: TCP_MISS
x-length: 2183
x-powered-by: ImageX
x-response-date: Sun, 02 Jul 2023 15:21:31 GMT
x-tt-logid: 202307021521318CFA7D4F3F4264A27251
via: n204-099-045
x-request-ip: fdbd:dc01:26:318::66
x-response-cinfo: 91.90.42.154
x-tt-trace-host: 0150ed489f874896420c0b4623b63d87a9abc616728520851219f1d39478aa679ff876ee445deec7fe8196c31778c0717f2a071952fe3439fd1cb03e9baf850ceef573335727ca4e97ea2f48ac6de4b1b91e5c110ae4f8278114d18106fda69719
x-response-lb: image
x-cache-new: HIT
age: 1
x-via: 1.1 PS-HIA-01wWB95:3 (Cdn Cache Server V2.0), 1.1 PSrbJP1tu67:4 (Cdn Cache Server V2.0), 1.1 VM-FRA-01T6Y27:15 (Cdn Cache Server V2.0)
x-response-cache: edge_hit
server-timing: cdn-cache;desc=hit,edge;dur=0
x-tt-trace-tag: id=01;cdn-cache=hit;type=static
x-ws-request-id: 6541d608_VM-FRA-01T6Y27_38938-61502
access-control-allow-origin: *
x-server-ip: 91.90.42.154
access-control-expose-headers: X-Server-Ip,Content-Length,Content-Range,content-type,expires,last-modified,via,x-cache,x-response-cache,x-response-sinfo,x-response-cinfo
timing-allow-origin: *
x-response-sinfo: 163.171.132.42
X-Firefox-Spdy: h2

vip.aqdk245.com:2096/api/ping

192.151.197.203

200 OK

4 B

URL GET HTTP/2
vip.aqdk245.com:2096/api/ping
IP
192.151.197.203:2096
ASN
#40065 CNSERVERS

Requested by
http://aqdlove.net/
Certificate
IssuerSectigo Limited
Subjectvip.aqdk113.com
FingerprintD0:63:94:D4:50:01:02:C7:AA:3A:1A:38:DE:9D:A4:21:96:B0:86:4A
ValidityFri, 27 Oct 2023 00:00:00 GMT - Sat, 26 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
6fdb087aa3fbfbcb8287a593a0919e61
0e514a0662bcb69dc863953d1ce26e3d40e81a87
9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2

HTTP Headers

GET /api/ping HTTP/1.1
Host: vip.aqdk245.com:2096
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://aqdlove.net
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Wed, 01 Nov 2023 04:37:27 GMT
x-ratelimit-limit: 60
x-ratelimit-remaining: 58
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

vip.aqdk258.com:2096/api/ping

192.151.197.203

200 OK

4 B

URL GET HTTP/2
vip.aqdk258.com:2096/api/ping
IP
192.151.197.203:2096
ASN
#40065 CNSERVERS

Requested by
http://aqdlove.net/
Certificate
IssuerSectigo Limited
Subjectvip.aqdk113.com
FingerprintD0:63:94:D4:50:01:02:C7:AA:3A:1A:38:DE:9D:A4:21:96:B0:86:4A
ValidityFri, 27 Oct 2023 00:00:00 GMT - Sat, 26 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
6fdb087aa3fbfbcb8287a593a0919e61
0e514a0662bcb69dc863953d1ce26e3d40e81a87
9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2

HTTP Headers

GET /api/ping HTTP/1.1
Host: vip.aqdk258.com:2096
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://aqdlove.net
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Wed, 01 Nov 2023 04:37:27 GMT
x-ratelimit-limit: 60
x-ratelimit-remaining: 56
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

vip.aqdk36.com:2096/api/ping

192.151.197.203

200 OK

4 B

URL GET HTTP/2
vip.aqdk36.com:2096/api/ping
IP
192.151.197.203:2096
ASN
#40065 CNSERVERS

Requested by
http://aqdlove.net/
Certificate
IssuerSectigo Limited
Subjectvip.aqdk113.com
FingerprintD0:63:94:D4:50:01:02:C7:AA:3A:1A:38:DE:9D:A4:21:96:B0:86:4A
ValidityFri, 27 Oct 2023 00:00:00 GMT - Sat, 26 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
6fdb087aa3fbfbcb8287a593a0919e61
0e514a0662bcb69dc863953d1ce26e3d40e81a87
9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2

HTTP Headers

GET /api/ping HTTP/1.1
Host: vip.aqdk36.com:2096
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://aqdlove.net
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Wed, 01 Nov 2023 04:37:27 GMT
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-01.xcggzzb.com:8443/aqd/mp4/bg480.mp4

104.22.45.66

206 Partial Content

67 kB

URL GET HTTP/2
cdn-01.xcggzzb.com:8443/aqd/mp4/bg480.mp4
IP
104.22.45.66:8443
ASN
#13335 CLOUDFLARENET

Requested by
http://aqdlove.net/
Certificate
IssuerSectigo Limited
Subject*.xcggzzb.com
Fingerprint6A:67:15:20:00:C9:21:AF:9E:00:70:7A:C5:BA:25:AC:6B:EA:04:D0
ValidityWed, 19 Apr 2023 00:00:00 GMT - Thu, 18 Apr 2024 23:59:59 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size
67 kB (67040 bytes)
Hash
1e88bc181c4bf3b8ad7d93397eb5610e
0aa42a6ac88a3e3bb150f462846dda8e0d88192f
9c1d877013280c5b731b2121ffac0050262d51196d7f7368771c5bf6ef830e7e

HTTP Headers

GET /aqd/mp4/bg480.mp4 HTTP/1.1
Host: cdn-01.xcggzzb.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Wed, 01 Nov 2023 04:37:27 GMT
content-type: video/mp4
content-length: 886004
last-modified: Mon, 30 Oct 2023 17:38:01 GMT
etag: "653fe9f9-d84f4"
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-range: bytes 0-886003/886004
cf-cache-status: DYNAMIC
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f1714c4c0b2dc2-ARN
X-Firefox-Spdy: h2

38.174.115.251:12096/api/ping

38.174.115.251

200 OK

4 B

URL GET HTTP/2
38.174.115.251:12096/api/ping
IP
38.174.115.251:12096
ASN
#174 COGENT-174

Requested by
http://aqdlove.net/
Certificate
IssuerSectigo Limited
Subject38.174.115.3
Fingerprint4E:02:A2:57:7C:1E:7A:7F:4A:0C:B0:E2:3A:91:11:38:83:6A:A0:11
ValidityFri, 27 Oct 2023 00:00:00 GMT - Sat, 26 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
6fdb087aa3fbfbcb8287a593a0919e61
0e514a0662bcb69dc863953d1ce26e3d40e81a87
9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/ping HTTP/1.1
Host: 38.174.115.251:12096
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://aqdlove.net
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Wed, 01 Nov 2023 04:37:25 GMT
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

192.151.197.205:12096/api/ping

192.151.197.205

200 OK

4 B

URL GET HTTP/2
192.151.197.205:12096/api/ping
IP
192.151.197.205:12096
ASN
#40065 CNSERVERS

Requested by
http://aqdlove.net/
Certificate
IssuerSectigo Limited
Subject192.151.197.205
Fingerprint31:53:97:81:B4:96:4C:74:32:14:B8:2D:52:EE:BE:67:4D:DC:36:3E
ValidityWed, 25 Oct 2023 00:00:00 GMT - Thu, 24 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
6fdb087aa3fbfbcb8287a593a0919e61
0e514a0662bcb69dc863953d1ce26e3d40e81a87
9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/ping HTTP/1.1
Host: 192.151.197.205:12096
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://aqdlove.net
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Wed, 01 Nov 2023 04:37:26 GMT
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

38.174.115.3:12096/api/ping

38.174.115.3

200 OK

4 B

URL GET HTTP/2
38.174.115.3:12096/api/ping
IP
38.174.115.3:12096
ASN
#174 COGENT-174

Requested by
http://aqdlove.net/
Certificate
IssuerSectigo Limited
Subject38.174.115.3
Fingerprint4E:02:A2:57:7C:1E:7A:7F:4A:0C:B0:E2:3A:91:11:38:83:6A:A0:11
ValidityFri, 27 Oct 2023 00:00:00 GMT - Sat, 26 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
6fdb087aa3fbfbcb8287a593a0919e61
0e514a0662bcb69dc863953d1ce26e3d40e81a87
9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/ping HTTP/1.1
Host: 38.174.115.3:12096
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://aqdlove.net
DNT: 1
Connection: keep-alive
Referer: http://aqdlove.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Wed, 01 Nov 2023 04:37:27 GMT
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (21)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL