{"report_id":"05262d82-c3fd-4838-bb73-c298b60876d2","version":0,"status":"done","tags":[],"date":"2026-06-17T16:15:08Z","url":{"schema":"http","addr":"lemondesktop.me","fqdn":"lemondesktop.me","domain":"lemondesktop.me","tld":"me"},"ip":{"addr":"91.92.241.250","port":0,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"lemondesktop.me/","fqdn":"lemondesktop.me","domain":"lemondesktop.me","tld":"me"},"title":"Lemon Cash for Windows — Desktop App | Lemon Cash","dom":{"size":51032,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (442)","md5":"19af7e1cc974f07ac29e93d6f9d0facc","sha1":"71595aa70c6f6e7301c813fe35517bb1e87ea057","sha256":"3fb922c93083990740f5ed1adcbad28026c73f439113c0a3ed44ef04e231d6a3","sha512":"7fc1945e3e395db21b9d9764fbf86324ea4d80bcd10d83afbb47209d7dc5ae74e9388e8f786f72df4e3f85db729f50b222b4a3722b35cd8f9fe82b4c54a6ebc5","ssdeep":"384:YfpxAvU4pI5D6yi0AUiAmjKGHjmrD2caXYlAaN6EDZKAQuHOUF:SfAsQqD6yi0AzAqtk2ClAa8EMAQuH5","tlshash":"a533a26b72f31072682394a42bf717566b64d407c449ca6537ac239c8fcafd99da338c","dom_hash":"domhash8da2825bab15bc89a128ca553f6d8cf4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"lemondesktop.me","fqdn":"lemondesktop.me","domain":"lemondesktop.me","tld":"me"},"ip":{"addr":"91.92.241.250","port":0,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T16:15:08Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"lemondesktop.me","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"lemondesktop.me","ip":{"addr":"91.92.241.250","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"domain_registered":"2026-06-05","domain_rank":0,"first_seen":"2026-06-16T07:41:40.306444Z","last_seen":"2026-06-16T07:41:40.306444Z","alert_count":1,"request_count":1,"received_data":49955,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"lemondesktop.me/","fqdn":"lemondesktop.me","domain":"lemondesktop.me","tld":"me"},"ip":{"addr":"91.92.241.250","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"3df6977d95774d541c0e1407e8570b9a","sha1":"288ad64edda87b9e9eba337daa361f20df47f30f","sha256":"dac3a32b31d4cc37ef90a5e7e572863091ed68e9d83b643a7e3381f541fe3913","sha512":"252878128bfd5ef3ff1dfc09e83c5a84142464803d6428be5ff16511e9cb9a716fa1d4eeb546438686dfdbdb08327ca7fb450bec9e7dc90d08e1c92a47f5d3fb","ssdeep":"","tlshash":"15219b2f69f601be0473633663ae4705763a005b24458a663f2c47966fd4d2c3ae1eb6","size":1198,"data":"","first_seen":"2026-06-16T07:41:49.68902Z","last_seen":"2026-06-17T16:15:09.683085Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"lemondesktop.me/","fqdn":"lemondesktop.me","domain":"lemondesktop.me","tld":"me"},"ip":{"addr":"91.92.241.250","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T16:14:45.364Z","timestamp":1781712885364,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lemondesktop.me","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Jun 2026 12:33:19 GMT","end":"Thu, 03 Sep 2026 12:33:18 GMT"},"fingerprint":{"sha1":"10:83:A2:FF:8C:72:35:36:D7:C5:5F:6A:D9:52:94:14:8D:B4:D3:25","sha256":"EB:19:10:7F:07:40:09:16:3E:26:E6:A5:71:20:EF:9E:93:02:FB:37:13:8E:8C:76:0F:C4:60:1C:76:6F:6E:12"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: lemondesktop.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nalt-svc: h3=\":443\"; ma=2592000\r\ncontent-encoding: zstd\r\ncontent-type: text/html\r\ndate: Wed, 17 Jun 2026 16:14:45 GMT\r\netag: \"6a24feed-c218\"\r\nlast-modified: Sun, 07 Jun 2026 05:17:33 GMT\r\nserver: nginx/1.31.1\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49688,"size_decoded":11209,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (442)","md5":"7fb6a057bbfb82fbc47167aa900d2c5d","sha1":"e715752102ac22c702e52b5c6c8926a7d1a203c2","sha256":"d12d096d62d6806ecb8b97a176b13e632e20750f0a83cfa754085076fe199cc8","sha512":"16042ebb97bf947800c6dd7a8dccd901565d83b4ce28c23b055dcb862e0f9b05523301e3bc859e1af98013daa83ef099ce1ef14c7e5bf0679801afaa667f7367","ssdeep":"384:6fvxAvU4pI5D6yi0AUiAmjKGbTKBDg2aX+lA6NcYDZKAQuHOUp:UZAsQqD6yi0AzAqtygWlA6mYMAQuH9","tlshash":"8523726b62f31076692394a42be717576a60d407c449ca103bac239c8fcbfd9dda378c","first_seen":"2026-06-16T07:41:49.687712Z","last_seen":"2026-06-17T16:15:09.681725Z","times_seen":2,"resource_available":true,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":301,"connect":59,"send":0,"wait":62,"receive":0,"ssl":102},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"lemondesktop.me","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}