IP 104.21.76.57:443
Certificate: Issuer: Google Trust Services; Subject: iplogger.com; Fingerprint: 35:C8:E0:39:10:22:BE:07:80:A6:4A:9D:AF:A0:4E:AA:94:38:F7:04; Validity: Sun, 20 Apr 2025 22:46:17 GMT - Sat, 19 Jul 2025 23:44:48 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1460), with CRLF, CR, LF line terminators
Hash: 50439a915a7959d78614e59e4617c78b 835ea33586a2b333760989508da475af65eeaf36 510e1962172d2ba4b9b8c76f56b0b0829858c4002c938845d200b00a5a564a73
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |
GET /RNPFP5.zip HTTP/1.1
Host: iplogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 May 2025 09:17:15 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
memory: 0.422149658203125
expires: Thu, 01 May 2025 09:17:15 +0000
strict-transport-security: max-age=604800
content-security-policy: img-src https: data:; upgrade-insecure-requests
x-frame-options: SAMEORIGIN
cf-cache-status: BYPASS
content-encoding: br
set-cookie: 589773571532635802=3; HttpOnly; SameSite=Strict; Secure; Path=/; Max-Age=31536000; Expires=Fri, 01 May 2026 09:17:15 GMT
unikey=unikey_5fe1f89d7983ba2cbb2a726c2c77bd2dc2f0ab3f6b1bdeb08d5223a03c9bcc4e; HttpOnly; SameSite=Strict; Secure; Path=/
cf-ray: 938e2f496d12568a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdn.iplogger.org/redirect/handshake.png | 104.26.3.46 | 200 OK | 17 kB |
URL GET cdn.iplogger.org/redirect/handshake.png IP 104.26.3.46:443
Requested by: https://iplogger.com/RNPFP5.zip
Certificate: Issuer: Google Trust Services; Subject: iplogger.org; Fingerprint: 01:D9:58:81:22:05:AB:F0:EE:84:16:1F:FA:0E:88:3A:86:03:9C:A1; Validity: Tue, 29 Apr 2025 18:25:25 GMT - Mon, 28 Jul 2025 19:24:09 GMT
File type: PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced
Hash: 87e1d1a5abac5ec0bdb4cd5278faa55a 5235aff0eb56f9e3237b703ef505b39a8e99e727 dde3686db4f76101069b04248550eafbf3310af048ea52f4449e0f7b90d6b818
GET /redirect/handshake.png HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iplogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 May 2025 09:17:15 GMT
content-type: image/png
content-length: 16682
last-modified: Wed, 02 Mar 2022 10:02:53 GMT
etag: "621f40cd-412a"
expires: Wed, 11 Feb 2026 08:24:42 GMT
cache-control: public, max-age=31536000
pragma: public
access-control-allow-origin: *
x-static: 1
cf-cache-status: HIT
age: 6828753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hy4f4Hf0fdG4gEmR0nd4sGy5n6z8VyScOld4ruZws%2BBtgSQ14BPDC%2Be%2F84H9CMgBm4K2G7y4YzxMXhwReA9oble08699LL8R8cBrYIuUrjpGEHPMF0FTCe7Ht4JYmolU3mZ5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 938e2f4bdcec5684-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1801&min_rtt=564&rtt_var=1947&sent=9&recv=11&lost=0&retrans=1&sent_bytes=3290&recv_bytes=1268&delivery_rate=7300840&cwnd=255&unsent_bytes=0&cid=90ee92f73dbc63d5&ts=36&x=0"
X-Firefox-Spdy: h2