IP 188.114.97.1:443
Certificate
Issuer: Google Trust Services
Subject: aqgyncebdxmpw.icu
Fingerprint: A5:65:EF:B3:A8:D0:75:13:B2:94:24:33:1D:F9:37:A1:A8:46:14:8C
Validity: Tue, 18 Mar 2025 13:39:28 GMT - Mon, 16 Jun 2025 14:33:05 GMT
File type: XML 1.0 document, ASCII text, with no line terminators
Hash: e7a9350210b4dba641f6020447c96045 581accef4a8b7fbed97291fe7dd4e113f794ec80 08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET / HTTP/1.1
Host: aqgyncebdxmpw.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Wed, 07 May 2025 17:19:02 GMT
content-type: application/xml; charset=UTF-8
x-guploader-uploadid: AAO2Vwo5aKrrm4tWG--Fktdw0HER2LDqBMQf9v0hKqwbM9TxLD0d565SNsUKxtp02Rw47uVc0ajXmjU
access-control-allow-origin: *
expires: Wed, 07 May 2025 17:19:02 GMT
cache-control: private, max-age=0
server: cloudflare
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vBOFXXohRfIBopWdVrMUfX0X1dJ9b9eHhAguUXYX9ysR5vFO63YSe7Dq64LQRFGYk0%2FI05DGa1HkgVzJYQOtsL%2Fx7U0ghyUISwTNBZ8F4dxd%2BO3KS%2FYHHBBxBIImznpzFnj7og%3D%3D"}]}
content-encoding: br
cf-ray: 93c26147d8a7d2ae-FRA
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
IP 188.114.97.1:80
File type: XML 1.0 document, ASCII text, with no line terminators
Hash: e7a9350210b4dba641f6020447c96045 581accef4a8b7fbed97291fe7dd4e113f794ec80 08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET / HTTP/1.1
Host: aqgyncebdxmpw.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 07 May 2025 17:19:02 GMT
Content-Type: application/xml; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: AAO2VwqoSLkVSUHAd_O3txGYk585wr3Bu7tY52FthCye0od1O2UQ_Ksy879UQTWsXRWpiExJ
Access-Control-Allow-Origin: *
Expires: Wed, 07 May 2025 17:19:02 GMT
Cache-Control: private, max-age=0
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKLgJWq%2FHIwzQGlICGiyV1s9dzEuKpmrZC8RWxw87E1VfXLCgpjOh04DqwcQO9lmw3%2FRRRBflW77RZPeJTZ0MRBVDSYNfytCko6C63dLd6GUxmDrVczUBjpnaOi5q4IBF4BT0g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 93c261499d65d2bb-FRA
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=21989&min_rtt=21989&rtt_var=10994&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=402&delivery_rate=0&cwnd=250&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
| aqgyncebdxmpw.icu/favicon.ico | 188.114.97.1 | 403 Forbidden | 111 B |
URL GET aqgyncebdxmpw.icu/favicon.ico IP 188.114.97.1:80
Requested by: http://aqgyncebdxmpw.icu/
File type: XML 1.0 document, ASCII text, with no line terminators
Hash: e7a9350210b4dba641f6020447c96045 581accef4a8b7fbed97291fe7dd4e113f794ec80 08142330655deb1526dcc56795c92eb5c13012f75b599d5ac68db4027953ed80
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /favicon.ico HTTP/1.1
Host: aqgyncebdxmpw.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://aqgyncebdxmpw.icu/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Wed, 07 May 2025 17:19:03 GMT
Content-Type: application/xml; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: AAO2VwpuGKBRqofFjxXYVi2jBalM_Yk-wGCPriQ-Nw9BhzRQpGfCrCoIssvweKpOCLAl94bn3dXmYBU
Access-Control-Allow-Origin: *
Expires: Wed, 07 May 2025 17:19:02 GMT
Cache-Control: private, max-age=0
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PkRKYesgeGuYWG1%2B0nJevf1kwGYvL96cPJ2rynKJprJOT6f%2Fz4P3KTNm0Ee18zVwVHKa8s3pCgmUggLft6jX1Q4NZh5aBJghNFvNMQvW9EH12U7kTRtr6qDM5Op77F3sB9YIFw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 93c2614af881d2bb-FRA
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=21987&min_rtt=21973&rtt_var=6189&sent=4&recv=6&lost=0&retrans=0&sent_bytes=1152&recv_bytes=761&delivery_rate=131546&cwnd=252&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"