{"report_id":"b993907b-8ec6-4cfc-8a0c-64b7094d5c5a","version":6,"status":"done","tags":[],"date":"2026-01-25T13:52:57Z","url":{"schema":"http","addr":"isupport.ignorelist.com","fqdn":"isupport.ignorelist.com","domain":"ignorelist.com","tld":"com"},"ip":{"addr":"31.58.58.46","port":0,"asn":834,"as":"IPXO","country":"United Arab Emirates","country_code":"AE"},"final":{"url":{"schema":"http","addr":"isupport.ignorelist.com/","fqdn":"isupport.ignorelist.com","domain":"ignorelist.com","tld":"com"},"title":"Apple","dom":{"size":256733,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (20277)","md5":"142fd421e4400e9aeca712e13188d777","sha1":"02b0f34536c46205f0e8bfc92fd3c52b68a6f7f8","sha256":"2e5dd65ff56ee622367a0645dbe984826e3fb087091348e80d323225e33fba4c","sha512":"468e101849c55e103bd3677392180851ddd0e31b300e3437fc47711a63934e1da9432b2130cb01822cf0ffcb0a4a70c4e04cd6f99d83d264f50d00b80ba44058","ssdeep":"1536:V4QkIwcsSiX8dVqE3mi7ZInGwNbANwLHN3q8dHO9Ga5lLZ+ptjmsEEUbiUuvY7aF:bDotmfbiUwVK8Cg","tlshash":"b9441c7b325d683e030387dee4162938e29fad79dae691e9f9b747211243de0312bd14","dom_hash":"domhashf614f41a31c5d634a842b6f6b5245f55","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"isupport.ignorelist.com","fqdn":"isupport.ignorelist.com","domain":"ignorelist.com","tld":"com"},"ip":{"addr":"31.58.58.46","port":0,"asn":834,"as":"IPXO","country":"United Arab Emirates","country_code":"AE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-01T13:52:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-25T13:52:35Z","timestamp":1769349155,"ip_dst":{"addr":"31.58.58.46","port":80,"asn":834,"as":"IPXO","country":"United Arab Emirates","country_code":"AE"},"ip_src":{"addr":"Client IP","port":38918,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.ignorelist .com Domain","source":"{\"timestamp\":\"2026-01-25T13:52:35.228900+0000\",\"flow_id\":1385692280342547,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.28\",\"src_port\":38918,\"dest_ip\":\"31.58.58.46\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2039843,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.ignorelist .com Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"isupport.ignorelist.com\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":254},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":680,\"bytes_toclient\":7710,\"start\":\"2026-01-25T13:52:35.149523+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-25","alert":"Phishing Block","trigger":"isupport.ignorelist.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-25","alert":"Sinkholed","trigger":"isupport.ignorelist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"isupport.ignorelist.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2002-02-19","domain_rank":0,"first_seen":"2025-12-23T23:05:47.435445Z","last_seen":"2026-01-25T13:03:53.239655Z","alert_count":6,"request_count":2,"received_data":262330,"sent_data":900,"comment":"","tags":null,"fingerprints":[{"name":"Apple MapKit JS","description":"Apple MapKit JS lets you embed interactive maps directly into your websites across platforms and operating systems, including iOS and Android.","website":"https://developer.apple.com/maps/web/","common_platform_enumeration":"","icon":"Apple.svg","categories":["Maps"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"isupport.ignorelist.com/","fqdn":"isupport.ignorelist.com","domain":"ignorelist.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-25T13:52:35.030Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: isupport.ignorelist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T07:33:43.83116Z","times_seen":16408102,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":51,"dns":0,"connect":19,"send":0,"wait":0,"receive":0,"ssl":37},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-25T13:52:35Z","timestamp":1769349155,"ip_dst":{"addr":"31.58.58.46","port":80,"asn":834,"as":"IPXO","country":"United Arab Emirates","country_code":"AE"},"ip_src":{"addr":"172.18.0.28","port":38918,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.ignorelist .com Domain","source":"{\"timestamp\":\"2026-01-25T13:52:35.228900+0000\",\"flow_id\":1385692280342547,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.28\",\"src_port\":38918,\"dest_ip\":\"31.58.58.46\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2039843,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.ignorelist .com Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"isupport.ignorelist.com\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":254},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":680,\"bytes_toclient\":7710,\"start\":\"2026-01-25T13:52:35.149523+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-25","alert":"Phishing Block","trigger":"isupport.ignorelist.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-25","alert":"Sinkholed","trigger":"isupport.ignorelist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"isupport.ignorelist.com/","fqdn":"isupport.ignorelist.com","domain":"ignorelist.com","tld":"com"},"ip":{"addr":"31.58.58.46","port":80,"asn":834,"as":"IPXO","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-25T13:52:35.149Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: isupport.ignorelist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.26.3\r\ndate: Sun, 25 Jan 2026 13:52:35 GMT\r\ncontent-type: text/html; charset=utf-8\r\nset-cookie: geo=DE; path=/; domain=.apple.com\r\nx-frame-options: SAMEORIGIN\r\nvary: Accept-Encoding\r\ncontent-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: mailto: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com https://smb.apple.com https://nova.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com\r\nreferrer-policy: no-referrer-when-downgrade\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncache-control: max-age=188\r\nexpires: Sun, 25 Jan 2026 13:55:43 GMT\r\nalt-svc: h3=\":443\";ma=900;\r\ntransfer-encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apple MapKit JS","description":"Apple MapKit JS lets you embed interactive maps directly into your websites across platforms and operating systems, including iOS and Android.","website":"https://developer.apple.com/maps/web/","common_platform_enumeration":"","icon":"Apple.svg","categories":["Maps"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.26.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":261136,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (19957)","md5":"f43994e719a1f15c33fd0b15f54772dd","sha1":"758556605930b92efabac3e1a2c7a0afd70fe722","sha256":"09ebce3dedfc305f0d8d42ad43af26d58b946831659199e8e3104d6c6f4a5652","sha512":"18ffe91ad84ff871677f260b9ebc0dd875f678ea658387ea80830be6ce6f478e2c73f3ee1be6ecdb02360fea4fd95a62eb327e8fa54a403ed765a1f1fb1d4891","ssdeep":"1536:D//QCQrsBiW8d05E3mB7aInGnNEAqbLIN3q8dHO9Ga5lLZ+8uwEEUbiUuvY7ax/p:7iEuLbiU4bRrOI","tlshash":"ef440c7b324da83e030387dee4162934e69fac79dae680e9f9b747251343de0616ed14","first_seen":"2026-01-25T04:18:59.329616Z","last_seen":"2026-01-26T08:44:22.035786Z","times_seen":8,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":20,"dns":1,"connect":19,"send":0,"wait":60,"receive":40,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-25T13:52:35Z","timestamp":1769349155,"ip_dst":{"addr":"31.58.58.46","port":80,"asn":834,"as":"IPXO","country":"United Arab Emirates","country_code":"AE"},"ip_src":{"addr":"172.18.0.28","port":38918,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.ignorelist .com Domain","source":"{\"timestamp\":\"2026-01-25T13:52:35.228900+0000\",\"flow_id\":1385692280342547,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.28\",\"src_port\":38918,\"dest_ip\":\"31.58.58.46\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2039843,\"rev\":2,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.ignorelist .com Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_11_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_02\"]}},\"http\":{\"hostname\":\"isupport.ignorelist.com\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":254},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":680,\"bytes_toclient\":7710,\"start\":\"2026-01-25T13:52:35.149523+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-25","alert":"Phishing Block","trigger":"isupport.ignorelist.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-25","alert":"Sinkholed","trigger":"isupport.ignorelist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}