{"report_id":"dccf5414-2375-423f-a756-6c482dbdd35f","version":6,"status":"done","tags":[],"date":"2026-01-09T15:21:52Z","url":{"schema":"http","addr":"iptvpro.pw:35451//live/%E5%8A%A0QQ%E7%BE%A41078393318/29291818/3.ts","fqdn":"iptvpro.pw","domain":"iptvpro.pw","tld":"pw"},"ip":{"addr":"38.246.112.215","port":0,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"iptvpro.pw:35451//live/%E5%8A%A0QQ%E7%BE%A41078393318/29291818/3.ts","fqdn":"iptvpro.pw","domain":"iptvpro.pw","tld":"pw"},"title":"iptvpro.pw:35451//live/加QQ群1078393318/29291818/3.ts","dom":{"size":80,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"efd1a987318a69c7d1b4512e9bd7b109","sha1":"814b98412bf68401e00d5136e36bf26e6b86a4a5","sha256":"76056a906ce28646d4bce278176359f458a7f5b1f7ffa8f859d73e869abf693c","sha512":"665fb96332c80540f70917d036477e7833aa738e4d8458fd5ba94b7738a221db2f0edf94158d83f49777e1728cd88913ee56196b5ef50719edf1fbbe440c5274","ssdeep":"","tlshash":"7ba024fdc1c000075c3131c74cf005030570031d10004c0115c05411c315df4fd035cc","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"iptvpro.pw:35451//live/%E5%8A%A0QQ%E7%BE%A41078393318/29291818/3.ts","fqdn":"iptvpro.pw","domain":"iptvpro.pw","tld":"pw"},"ip":{"addr":"38.246.112.215","port":0,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-13T15:21:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-09T15:21:31Z","timestamp":1767972091,"ip_dst":{"addr":"38.246.112.215","port":35451,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":50162,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2026-01-09T15:21:31.743467+0000\",\"flow_id\":1552519494576762,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":50162,\"dest_ip\":\"38.246.112.215\",\"dest_port\":35451,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"iptvpro.pw\",\"http_port\":35451,\"url\":\"//live/%E5%8A%A0QQ%E7%BE%A41078393318/29291818/3.ts\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":61},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":723,\"bytes_toclient\":480,\"start\":\"2026-01-09T15:21:31.469626+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-09T15:21:32Z","timestamp":1767972092,"ip_dst":{"addr":"38.246.112.215","port":35451,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":50166,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2026-01-09T15:21:32.184783+0000\",\"flow_id\":62792908144131,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":50166,\"dest_ip\":\"38.246.112.215\",\"dest_port\":35451,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"iptvpro.pw\",\"http_port\":35451,\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://iptvpro.pw:35451//live/%E5%8A%A0QQ%E7%BE%A41078393318/29291818/3.ts\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":150},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":679,\"bytes_toclient\":508,\"start\":\"2026-01-09T15:21:31.916995+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"iptvpro.pw","ip":{"addr":"38.246.112.215","port":35451,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"domain_registered":"2018-11-09","domain_rank":0,"first_seen":"2026-01-03T17:18:28.672973Z","last_seen":"2026-01-03T17:18:28.672973Z","alert_count":0,"request_count":2,"received_data":556,"sent_data":858,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"iptvpro.pw:35451//live/%E5%8A%A0QQ%E7%BE%A41078393318/29291818/3.ts","fqdn":"iptvpro.pw","domain":"iptvpro.pw","tld":"pw"},"ip":{"addr":"38.246.112.215","port":35451,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-09T15:21:31.474Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET //live/%E5%8A%A0QQ%E7%BE%A41078393318/29291818/3.ts HTTP/1.1\r\nHost: iptvpro.pw:35451\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Fri, 09 Jan 2026 15:21:31 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nConnection: close\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"7103f528d312c5f6dd53c16bfc5e20f4","sha1":"2cf1fa54e2d9d7d8344ea86b420ee829ac6e4440","sha256":"3979794495c3039d81b2d99a1f35172e7baf280ae10ef15d0b06bfa8355f6a02","sha512":"09621a9a0c643ced307487a8e6c181b7a6865e139b2cb782159da156ca8ae02f5f7486c83475c69c58b38dbb6fc580a58c8ac5bf761bc1a79befca0019fdfb9e","ssdeep":"","tlshash":"c6900474c14011155577315fc5f44c1340f1110d40004c575541c0035373df4f701545","first_seen":"2026-01-03T17:18:31.746961Z","last_seen":"2026-01-09T15:21:53.198201Z","times_seen":3,"resource_available":false,"data":null}},"time_used":402,"timings":{"blocked":128,"dns":0,"connect":133,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"iptvpro.pw:35451/favicon.ico","fqdn":"iptvpro.pw","domain":"iptvpro.pw","tld":"pw"},"ip":{"addr":"38.246.112.215","port":35451,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://iptvpro.pw:35451//live/%E5%8A%A0QQ%E7%BE%A41078393318/29291818/3.ts","date":"2026-01-09T15:21:31.916Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: iptvpro.pw:35451\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://iptvpro.pw:35451//live/%E5%8A%A0QQ%E7%BE%A41078393318/29291818/3.ts\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: openresty\r\nDate: Fri, 09 Jan 2026 15:21:32 GMT\r\nContent-Type: text/html\r\nContent-Length: 150\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"597ba0d4396e9c906225140ce907092c","sha1":"28ae2ba65ccdb583d79f85b8cc9509fae697493b","sha256":"ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6","sha512":"8898f14bd6cb5c72d6ee5878af3700be6d03b56a5a21a3d58ef347f008acf4ac68a46a908903e1d42999c1e259e77d7df686c94765865ae07361b2c4e04adf2c","ssdeep":"","tlshash":"18c02b2d24137c0c8663307636c37050c1978337a67e10210400805330cf1998ac33af","first_seen":"2023-04-05T14:00:46Z","last_seen":"2026-05-29T18:05:09.441781Z","times_seen":35598,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":1,"connect":134,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}