Report Overview
Visited (public)
2026-01-09 17:10:57
URL
shorter.me/pfdC2
Finishing URL
therealgreatnesshop.site/sanker/?s1=dylan
IP / ASN
104.26.4.214
Title
therealgreatnesshop.site/sanker/?s1=dylan
Detections
urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
7
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
| shorter.me (2 alert(s) on this Host) | 244988 | 2020-07-22 | 2019-06-15 | 2026-01-02 | 484 B | 31 kB | 172.67.74.120 | |
| d23td13pn5l0wj.cloudfront.net | unknown | 2008-04-25 | 2025-09-02 | 2026-01-07 | 502 B | 109 kB | 3.167.7.38 | |
| d1y3y09sav47f5.cloudfront.net | unknown | 2008-04-25 | 2025-10-31 | 2026-01-09 | 2.4 kB | 24 kB | 54.192.209.200 | |
| get.geojs.io | 99948 | 2017-02-18 | 2017-03-30 | 2026-01-06 | 426 B | 997 B | 172.67.70.233 | |
| www.topcreativeformat.com (4 alert(s) on this Host) | 1938842 | 2023-11-21 | 2023-11-22 | 2026-01-02 | 465 B | 612 B | 172.240.108.68 | |
| therealgreatnesshop.site | unknown | 2025-11-23 | 2026-01-09 | 2026-01-09 | 509 B | 30 kB | 203.175.9.129 | |
| duw03nk63ml3f.cloudfront.net | unknown | 2008-04-25 | 2025-09-23 | 2026-01-02 | 436 B | 28 kB | 54.192.209.218 | |
| static.wixstatic.com | 40290 | 2013-04-10 | 2013-06-07 | 2026-01-05 | 9.3 kB | 38 kB | 3.167.2.39 | |
| d13pxqgp3ixdbh.cloudfront.net (2 alert(s) on this Host) | unknown | 2008-04-25 | 2020-11-26 | 2026-01-06 | 1.0 kB | 283 kB | 54.192.209.26 | |
| d39fkvblvwpxa1.cloudfront.net | unknown | 2008-04-25 | 2024-11-20 | 2026-01-06 | 1.0 kB | 342 kB | 54.230.241.152 | |

Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.

Google Cloud CDN (CDN)
Cloud CDN uses Google's global edge network to serve content closer to users.

Google Cloud (IaaS)
Google Cloud is a suite of cloud computing services.

Amazon S3 (CDN)
Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.

Amazon Web Services (PaaS)
Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.

Amazon CloudFront (CDN)
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.

Apache HTTP Server:2.4.51 (Web servers)
Apache is a free and open-source cross-platform web server software.

PHP:7.4.11 (Programming languages)
PHP is a general-purpose scripting language used for web development.

OpenSSL:1.0.2k (Web server extensions)
OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.

Apache HTTP Server:2.4.46 (Web servers)
Apache is a free and open-source cross-platform web server software.

Nginx:1.21.6 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.

Envoy (Reverse proxies)
Envoy is an open-source edge and service proxy, designed for cloud-native applications.

Apache HTTP Server (Web servers)
Apache is a free and open-source cross-platform web server software.

Nginx (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.

OpenResty:1.27.1.2 (Web servers)
OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.

Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| | medium | Client IP | 172.67.70.233 | ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| Hagezi Threat Feed | d13pxqgp3ixdbh.cloudfront.net | malicious | Sinkholed |
| Quad9 DNS | www.topcreativeformat.com | malicious | Sinkholed |
| DNS4EU | www.topcreativeformat.com | malicious | Sinkholed |
| Hagezi Threat Feed | www.topcreativeformat.com | malicious | Sinkholed |
| DNS0 Zero | www.topcreativeformat.com | malicious | Sinkholed |
| Quad9 DNS | shorter.me | malicious | Sinkholed |
| DNS4EU | shorter.me | malicious | Sinkholed |
JavaScript (9)
No JavaScripts
HTTP Transactions (34)
| URL | IP | Response | Size |
|---|---|---|---|