{"report_id":"03800735-00f2-4b12-89a6-59d5c45e1e01","version":6,"status":"done","tags":[],"date":"2024-12-16T04:01:30Z","url":{"schema":"http","addr":"88-99-61-21.top/Getintopc.com/Internet_Download_Manager_v6.42_Build_26.rar?md5=bDdx0sdU9-_9n0KWnLg8bw\u0026expires=1736913534","fqdn":"88-99-61-21.top","domain":"88-99-61-21.top","tld":"top"},"ip":{"addr":"88.99.61.21","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-02-24T04:01:30Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"88-99-61-21.top","ip":{"addr":"88.99.61.21","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2024-01-09","domain_rank":0,"first_seen":"2024-01-18T06:42:10Z","last_seen":"2024-12-16T01:35:28.755698Z","alert_count":1,"request_count":1,"received_data":14207969,"sent_data":574,"comment":"","tags":null,"fingerprints":null}],"files":[{"md5":"e4f8a769e3903df9d5e40533c48f3a35","sha1":"aecc7e4d18c0357a6aedf18951e2a7d47ac231b4","sha256":"6bf9c00198b28856ed4d244d47196f3712102226e85bd39b67e0aa210ceea2df","sha512":"cd8f740e8aa327499508d2c387087337c4b67c981120e857826cd5750894efd77308547523ce3490899b92968828c2b85f3390c0f94096305e568544a8f07be5","magic":"RAR archive data, v5","size":14207614,"url":{"schema":"https","addr":"88-99-61-21.top/Getintopc.com/Internet_Download_Manager_v6.42_Build_26.rar?md5=bDdx0sdU9-_9n0KWnLg8bw\u0026expires=1736913534","fqdn":"88-99-61-21.top","domain":"88-99-61-21.top","tld":"top"},"ip":{"addr":"88.99.61.21","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"archive":null,"alerts":{"urlquery":null,"analyzer":null}}],"artifacts":{"windows_shortcuts":null,"files":[{"md5":"e4f8a769e3903df9d5e40533c48f3a35","sha1":"aecc7e4d18c0357a6aedf18951e2a7d47ac231b4","sha256":"6bf9c00198b28856ed4d244d47196f3712102226e85bd39b67e0aa210ceea2df","sha512":"cd8f740e8aa327499508d2c387087337c4b67c981120e857826cd5750894efd77308547523ce3490899b92968828c2b85f3390c0f94096305e568544a8f07be5","magic":"RAR archive data, v5","size":14207614,"url":{"schema":"https","addr":"88-99-61-21.top/Getintopc.com/Internet_Download_Manager_v6.42_Build_26.rar?md5=bDdx0sdU9-_9n0KWnLg8bw\u0026expires=1736913534","fqdn":"88-99-61-21.top","domain":"88-99-61-21.top","tld":"top"},"ip":{"addr":"88.99.61.21","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"archive":null,"alerts":{"urlquery":null,"analyzer":null}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-16","alert":"Sinkholed","trigger":"88-99-61-21.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"88-99-61-21.top/Getintopc.com/Internet_Download_Manager_v6.42_Build_26.rar?md5=bDdx0sdU9-_9n0KWnLg8bw\u0026expires=1736913534","fqdn":"88-99-61-21.top","domain":"88-99-61-21.top","tld":"top"},"ip":{"addr":"88.99.61.21","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-12-16T04:01:00.610Z","timestamp":1734321660610,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"88-99-61-21.top","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 Nov 2024 09:23:48 GMT","end":"Tue, 04 Feb 2025 09:23:47 GMT"},"fingerprint":{"sha1":"1C:67:D8:20:15:6B:B5:4B:E7:AD:82:A7:03:C2:80:60:B4:02:C7:11","sha256":"61:65:B5:EC:C9:14:87:9F:BC:79:05:81:9B:5B:7F:E7:62:2A:E6:99:E3:5A:22:03:54:F5:0C:FC:08:D2:7E:B8"}}},"request":{"raw":"GET /Getintopc.com/Internet_Download_Manager_v6.42_Build_26.rar?md5=bDdx0sdU9-_9n0KWnLg8bw\u0026expires=1736913534 HTTP/1.1\r\nHost: 88-99-61-21.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 16 Dec 2024 04:01:00 GMT\r\ncontent-type: application/x-rar-compressed\r\ncontent-length: 14207614\r\nlast-modified: Sun, 15 Dec 2024 10:50:51 GMT\r\netag: \"675eb48b-d8ca7e\"\r\ncontent-disposition: attachment; filename=\"/Getintopc.com/Internet_Download_Manager_v6.42_Build_26.rar\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14207614,"size_decoded":14207614,"mime_type":"application/x-rar-compressed","magic":"RAR archive data, v5","md5":"e4f8a769e3903df9d5e40533c48f3a35","sha1":"aecc7e4d18c0357a6aedf18951e2a7d47ac231b4","sha256":"6bf9c00198b28856ed4d244d47196f3712102226e85bd39b67e0aa210ceea2df","sha512":"cd8f740e8aa327499508d2c387087337c4b67c981120e857826cd5750894efd77308547523ce3490899b92968828c2b85f3390c0f94096305e568544a8f07be5","ssdeep":"393216:JfrA2iaqntpgpcmCYbx3a8zTTG/dlqolYsDf:JsaqnjgpqYlq8zIYE","tlshash":"7de633c709abc714a7f8425eeeaf25217896037446afa6cb0f3b0f4c506171316789ee","first_seen":"2024-12-16T04:01:34.014417Z","last_seen":"2024-12-16T04:01:34.014417Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4939,"timings":{"blocked":95,"dns":18,"connect":24,"send":0,"wait":34,"receive":4709,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-16","alert":"Sinkholed","trigger":"88-99-61-21.top","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}