Report Overview
Visitedpublic
2025-11-09 14:50:31
Tags
Submit Tags
URL
hitode.xyz/?p=1295
Finishing URL
hitode.xyz/?p=1295
IP / ASN
64.187.97.202
Title
SAME.3 [1] – Hitode
Detections
urlquery
0
Network Intrusion Detection
9
Threat Detection Systems
6
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
hitode.xyz 24 alert(s) on this Host | unknown | 2025-10-29 | 2025-11-08 | 2025-11-08 | 13 kB | 1.1 MB | 64.187.97.202 |       |
irk8waeqf7kb.l4.adsco.re | unknown | 2017-02-14 | 2025-11-09 | 2025-11-09 | 432 B | 463 B |  185.200.118.62 | |
www.cdn4ads.com | 441594 | 2020-04-18 | 2020-04-19 | 2025-11-06 | 878 B | 85 kB |  95.173.205.14 |  |
c.adsco.re | 100769 | 2017-02-14 | 2017-11-29 | 2025-11-03 | 917 B | 63 kB |  0.0.0.0 |  |
ssl.p.jwpcdn.com | 16928 | 2012-08-07 | 2017-01-30 | 2025-11-03 | 1.2 kB | 858 kB | 151.101.194.114 |    |
adsco.re | 3069 | 2017-02-14 | 2017-04-03 | 2025-11-04 | 480 B | 1.8 kB | 162.252.214.5 | |
fonts.googleapis.com | 313 | 2005-01-25 | 2012-05-23 | 2025-11-02 | 496 B | 8.8 kB | 142.250.178.74 | |
4.adsco.re | 95532 | 2017-02-14 | 2021-01-04 | 2025-11-07 | 841 B | 856 B | 162.252.214.5 | |
6.adsco.re | 91627 | 2017-02-14 | 2018-01-15 | 2025-11-07 | 841 B | 989 B | 104.16.42.28 | |
voodc.com | 157618 | 2022-09-24 | 2022-09-24 | 2025-11-08 | 2.2 kB | 210 kB | 188.114.97.1 |   |
irk8waeqf7kb.s4.adsco.re | unknown | 2017-02-14 | 2025-11-09 | 2025-11-09 | 432 B | 0 B | 0.0.0.0 | |
cdnjs.cloudflare.com | 1222 | 2009-02-17 | 2012-05-23 | 2025-11-02 | 434 B | 88 kB | 104.17.24.14 | |
irk8waeqf7kb.n4.adsco.re | unknown | 2017-02-14 | 2025-11-09 | 2025-11-09 | 432 B | 463 B | 38.132.109.126 | |
usrpubtrk.com 4 alert(s) on this Host | 6824 | 2025-06-16 | 2025-06-17 | 2025-11-05 | 435 B | 526 B | 104.21.92.33 |   |
fonts.gstatic.com | unknown | 2008-02-11 | 2014-04-02 | 2025-11-02 | 2.2 kB | 126 kB | 142.250.178.35 | |
cdn4ads.com | 44268 | 2020-04-18 | 2020-04-19 | 2025-11-06 | 1.7 kB | 257 B | 216.59.63.128 | |
adexchangeclear.com 1 alert(s) on this Host | 24943 | 2015-04-27 | 2025-07-16 | 2025-11-03 | 796 B | 1.7 kB | 104.21.78.155 | |
LiteSpeed (Web servers)
LiteSpeed is a high-scalability web server.WordPress (CMS, Blogs)
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.MySQL (Databases)
MySQL is an open-source relational database management system.PHP:8.3.26 (Programming languages)
PHP is a general-purpose scripting language used for web development.LiteSpeed Cache (Caching, WordPress plugins)
LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.Litespeed Cache (Caching, WordPress plugins)
LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.WordPress:6.8.3 (CMS, Blogs)
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.jQuery (JavaScript libraries)
jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.CDN77 (CDN)
CDN77 is a content delivery network (CDN).Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Amazon Web Services (PaaS)
Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.Varnish (Caching)
Varnish is a reverse caching proxy.Amazon S3 (CDN)
Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.PHP:8.0.30 (Programming languages)
PHP is a general-purpose scripting language used for web development.jQuery:3.7.0 (JavaScript libraries)
jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.cdnjs (CDN)
cdnjs is a free distributed JS library delivery service.JW Player (Video players)
JW Player is a online video player with video engagement analytics, custom video player skins, and live video streaming capability.Google Cloud CDN (CDN)
Cloud CDN uses Google's global edge network to serve content closer to users.Google Cloud (IaaS)
Google Cloud is a suite of cloud computing services.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | 172.18.0.6 | 185.200.118.90 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | |
| low | 172.18.0.6 | 38.132.109.186 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | |
| low | 172.18.0.6 |  185.200.116.90 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | |
| low | 172.18.0.6 | 185.200.118.90 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | |
| low | 172.18.0.6 | 38.132.109.186 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | |
| low | 172.18.0.6 | 185.200.116.90 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | |
| low | 172.18.0.6 | 185.200.118.90 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | |
| low | 172.18.0.6 | 38.132.109.186 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) | |
| low | 172.18.0.6 | 185.200.116.90 | ET INFO Session Traversal Utilities for NAT (STUN Binding Request) |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| DNS0 Zero | hitode.xyz | malicious | Sinkholed |
| Cloudflare DNS | usrpubtrk.com | malicious | Sinkholed |
| DigiCert UltraDNS | usrpubtrk.com | malicious | Sinkholed |
| Quad9 DNS | usrpubtrk.com | malicious | Sinkholed |
| DNS4EU | usrpubtrk.com | malicious | Sinkholed |
| Cloudflare DNS | adexchangeclear.com | malicious | Sinkholed |
JavaScript (46)
No JavaScripts
HTTP Transactions (52)
| URL | IP | Response | Size |
|---|